Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system.
ba9978c6dd36270b7bb749cf4cfc39b45e461e3b59b5e5c4167fb73e7b549cfa
Debian Security Advisory 1539-1 - Chris Schmidt and Daniel Morissette discovered two vulnerabilities in mapserver, a development environment for spatial and mapping applications. Lack of input sanitizing and output escaping in the CGI mapserver's template handling and error reporting routines leads to cross-site scripting vulnerabilities. Missing bounds checking in mapserver's template handling leads to a stack-based buffer overrun vulnerability, allowing a remote attacker to execute arbitrary code with the privileges of the CGI or httpd user.
4e03e1d418c78d4f766449d62f4f3edfe4ee522c8a3346892eadea4de97ee86d
Debian Security Advisory 1538-1 - Erik Sjolund discovered a buffer overflow vulnerability in the Ogg Vorbis input plugin of the alsaplayer audio playback application. Successful exploitation of this vulnerability through the opening of a maliciously-crafted Vorbis file could lead to the execution of arbitrary code.
6f3b7b5c07f055fae27675663af4a6564e2b826e468e5fba31f6304d7692567a
CA Security Advisory - CA ARCserve Backup for Laptops and Desktops Server contains multiple vulnerabilities that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities. The first issue occurs due to insufficient bounds checking on command arguments by the LGServer service. The second issue occurs due to insufficient verification of file uploads by the NetBackup service. In most cases, an attacker can potentially gain complete control of an affected installation. Additionally, only a server installation of BrightStor ARCserve Backup for Laptops and Desktops is affected. The client installation is not affected.
465613d80f35d24daf2fd29de5df3e3834e3533ddc03f34fa29343c01188d0fe
CA Security Advisory - CA Alert Notification Server service contains multiple vulnerabilities that can allow a remote authenticated attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities. The vulnerabilities are due to insufficient bounds checking in multiple procedures. A remote authenticated attacker or local user can exploit a buffer overflow to execute arbitrary code or cause a denial of service.
87c606935857a14dd69d4559e0de12e92406b71e84be5dad04da16eda476df5d
HP Security Bulletin - A potential security vulnerability has been identified with two types of optional HP USB Floppy Drive Keys intended for use with certain ProLiant servers. This vulnerability could cause a local 'W32.Fakerecy' or 'W32.SillyFDC' virus infection.
d91bf5de69ed7863bd3a53d32f7430f4ded5bd0537a568bea144b3bc0dd5cbe1
Nth Dimension Security Advisory (NDSA20080215) - The Festival server is vulnerable to unauthenticated remote code execution. Further research indicates that this vulnerability has already been reported as a local privilege escalation against both the Gentoo and SuSE GNU/Linux distributions. The remote form of this vulnerability was identified in 1.96~beta-5 as distributed in Debian unstable but it is also believed that Ubuntu Hardy Heron was affected.
679be8c3c5c41b4fce67f2ff8f104fcb7afbc9d058857614bb4a84ab75341837