|
Chosen month 02 / 2012
|
|
|
Cisco Wireless LAN Controllers are affected by some vulnerabilities. A Denial-of-Service is possible due to vulnerabilities regarding HTTP, IPv6 as well as WebAuth. Additionally, unauthorized access is possible.
Cisco has released free software updates to address these vulnerabilities.
|
|
|
Cisco Cius Software contains a Denial-of-Service (DoS) vulnerability that could cause the device to stop responding. Devices running Cius Software Versions prior to 9.2(1) SR2 are vulnerable. A remote, unauthenticated attacker could exploit this vulnerability by sending malicious network traffic to affected devices.
Cisco has released free software updates to address this vulnerability.
|
|
|
Cisco Unified Communications Manager devices may allow a remote, unauthenticated attacker with the ability to send crafted Skinny Client Control Protocol (SCCP) messages to an affected device to cause a reload or execute attacker-controlled SQL code.
Cisco has released free software updates to address these vulnerabilities.
|
|
|
Two vulnerabilities have been found in Cisco Unity Connection. A possible privilege escalation allows authenticated users to elevate their privileges and obtain full access to the affected system.
Besides this, a Denial-of-Service (DoS) vulnerability might allow an unauthenticated, remote attacker to cause
system services to terminate unexpectedly, which may result in a DoS condition.
Cisco has released free software updates to address these vulnerabilities.
|
|
|
Cisco TelePresence Video Communication Servers running software versions prior to X7.0.1 contain vulnerabilities that could allow an attacker to cause a Denial-of-Service (DoS) condition. Cisco has released free software updates that address these vulnerabilities.
|
|
|
A vulnerability in libxslt allows remote attackers to cause a Denial-of-Service (DoS) using unspecified vectors. Updated packages are available now.
|
|
|
Several security issues have been fixed in Moodle, a course management system for online learning.
Exploiting them allows remote attackers to gain, for example, unauthorized access.
The file type identification tool file and its associated library libmagic don't properly process malformed files in the Composite Document File (CDF) format, leading to crashes. This Denial-of-Service (DoS) can be avoided by installing the latest packages.
|
|
| System: |
Red Hat Enterprise Linux
|
| Topic: |
Vulnerabilities in java-1.4.2-ibm-sap |
| Links: |
RHSA-2012-0343,
CVE-2011-3389,
CVE-2011-3545,
CVE-2011-3547,
CVE-2011-3548,
CVE-2011-3549,
CVE-2011-3552,
CVE-2011-3556,
CVE-2011-3557,
CVE-2011-3560,
ESB-2012.0231
|
| ID: |
ae-201202-097
|
Updated java-1.4.2-ibm-sap packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5 and 6 for SAP.
|
|
|
The LDAP support shipped with the Sun/Oracle and OpenJDK JVMs doesn't perform hostname verification when using LDAPS. The lack of hostname verification means that while the connection between the Identity Provider (IdP) and LDAP server is encrypted, the IdP has no way to verify it's actually communicating with the appropriate LDAP server.
It's recommended to use startTLS (if supported), or to upgrade to IdP 2.3.6.
|
|
|
A vulnerability in Ruby has been found. Hash values are calculated in a wrong manner, so hash collisions are possible. This might lead to a Denial-of-Service (DoS) due to very high CPU consumption.
The smbd in Samba shows a vulnerability that might lead to a heap-based buffer overflow. As a consequence, remote attackers are able to cause a Denial-of-Service or possibly execute arbitrary code on a vulnerable system.
Several local vulnerabilities have been discovered in PostgreSQL. It was discovered that the permissions of a function called by a trigger are not checked, resulting in privilege escalation. Besides this, reloading a pg_dump file might result in arbitrary SQL command execution when opening a file.
Updates are available now.
|
|
|
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform.
Exploiting these vulnerabilities might allow remote attackers to access privileged and/or confidential data, to modify arbitrary data as well as to conduct a Denial-of-Service (DoS).
Updated packages are available now.
|
|
|
Security issues were identified and fixed in mozilla firefox and
thunderbird.
An integer overflow in the libpng library can lead to a heap-buffer
overflow when decompressing certain PNG images. This leads to a crash,
which may be potentially exploitable.
The mozilla firefox and thunderbird packages have been upgraded to their
latest respective versions, which are not affected by this security flaw.
Additionally, the rootcerts packages have been upgraded to the latest version.
|
|
|
Several local vulnerabilities have been discovered in PostgreSQL, an
object-relational SQL database.
It was discovered that the permissions of a function called by a
trigger are not checked. This could result in privilege escalation.
It was discovered that only the first 32 characters of a host name
are checked when validating host names through SSL certificates.
This could result in spoofing the connection in limited circumstances.
It was discovered that pg_dump did not sanitise object names.
This could result in arbitrary SQL command execution if a
malformed dump file is opened.
New updates are available.
|
|
|
It was discovered that Puppet did not drop privileges when executing
commands as different users. If an attacker had control of the execution
manifests or the executed command, this could be used to execute code with
elevated group permissions.
It was discovered that Puppet unsafely opened files when the k5login type
is used to manage files. A local attacker could exploit this to overwrite
arbitrary files and escalate privileges.
New packages are available for download.
|
|
|
It was discovered that FEX, a web service for transferring very large files,
is not properly sanitizing input parameters of the "fup" script.
An attacker can use this flaw to conduct reflected cross-site scripting attacks via various script parameters.
A new update is available.
|
|
|
The TCP implementation in IBM AIX 5.3, 6.1, and 7.1, when the Large Send Offload option is enabled,
allows remote attackers to cause a denial of service via an unspecified series of packets.
New updates are available.
|
|
|
An integer overflow in the libpng library can lead to a heap-buffer
overflow when decompressing certain PNG images. This leads to a crash,
which may be potentially exploitable.
New updates are available.
|
|
|
A CSRF vulnerability in the implementation of the XML-RPC API
when running under mod_perl could be used to make changes to
bugs or execute some admin tasks without the victim's knowledge.
|
|
|
Three vulnerabilities have been identified in Cisco Small Business (SRP 500) Series Services Ready Platforms.
These vulnerabilities can be exploited using sessions to the Services Ready Platform Configuration Utility web interface.
These vulnerabilities could be exploited from the local LAN side of the SRP device by default configuration
and the WAN side of the SRP device if remote management is enabled. Remote management is disabled by default.
Cisco has released free software updates that address these vulnerabilities.
|
|
| System: |
Red Hat Enterprise Linux
|
| Topic: |
Vulnerabilities in kernel-rt |
| Links: |
RHSA-2012-0333,
CVE-2012-0810,
CVE-2012-0207,
CVE-2012-0044,
CVE-2012-0038,
CVE-2011-4132,
CVE-2011-4131,
CVE-2011-4127,
CVE-2011-4110,
CVE-2011-4097,
CVE-2011-4077,
CVE-2011-2918,
ESB-2012.0221
|
| ID: |
ae-201202-085
|
Updated kernel-rt packages that fix multiple security issues and various
bugs are now available for Red Hat Enterprise Linux.
|
|
|
Updated samba packages that fix one security issue are now available for
Red Hat Enterprise Linux 4 and 5, and Red Hat Enterprise Linux 5.3 Long
Life, and 5.6 Extended Update Support.
|
|
|
It was discovered that Notmuch, an email indexer, did not sufficiently
escape Emacs MML tags. When using the Emacs interface, a user could
be tricked into replying to a maliciously formatted message which could
lead to files from the local machine being attached to the outgoing message.
New packages are available for download.
|
|
|
A potential security vulnerability has been identified with HP Data Protector Storage Media Operations (SMO).
This vulnerability could be remotely exploited to allow execution of arbitrary code.
HP has provided a patch to resolve this vulnerability.
|
|
|
A potential security vulnerability has been identified with HP-UX OpenSSL.
This vulnerability could be exploited remotely to create a Denial of Service (DoS).
HP has provided upgrades to resolve this vulnerability.
|
|
|
A known SSL/TLS vulnerability exists in the SSLv3 and TLS 1.0 protocols.
To mitigate the risk of this vulnerability, please follow the specific configuration recommendations in IBM swg21578730.
|
|
|
A vulnerability has been found and corrected in libpng.
Integer overflow in libpng allows remote attackers to cause a denial
of service or possibly have unspecified other impact via unknown
vectors that trigger an integer truncation.
Updated packages are available now.
|
|
|
It was discovered that the internal hashing routine of libxml2, a library providing an extensive API to handle XML data,
is vulnerable to predictable hash collisions. Given an attacker with knowledge of the hashing algorithm,
it is possible to craft input that creates a large amount of collisions.
As a result it is possible to perform denial of service attacks against applications using libxml2 functionality
because of the computational overhead.
Updated packages are available now.
|
|
| System: |
Red Hat Enterprise Linux 5 / 6 |
| Topic: |
Many updates for RHEL |
| Links: |
RHSA-2012-0149,
ESB-2012.203,
RHSA-2012-0151,
ESB-2012.205,
RHSA-2012-0168,
ESB-2012.202,
RHSA-2012-0321,
ESB-2012.0198,
RHSA-2012-0322,
ESB-2012.0199,
RHSA-2012-0323,
ESB-2012.200,
RHSA-2012-0324,
ESB-2012.201,
RHSA-2012-0325,
ESB-2012.216 |
| ID: |
ae-201202-077
|
Several updates are available for Red Hat Enterprise Linux 5 and 6.
They address vulnerabilities in cvs, java-1.6.0-openjdk, httpd, libxml2, rhev-hypervisor5, kvm, conga, and jbossweb. It's recommended to install these updates.
|
|
| System: |
Debian GNU/Linux
|
| Topic: |
Vulnerabilities in fex and libmodplug |
| Links: |
DSA-2414,
CVE-2012-0869,
ESB-2012.0196,
DSA-2415,
CVE-2011-1761,
CVE-2011-2911,
CVE-2011-2912,
CVE-2011-2913,
CVE-2011-2914,
CVE-2011-2915,
ESB-2012.0197 |
| ID: |
ae-201202-076
|
F*X, a web service for transferring very large files, is not properly sanitizing input parameters of the "fup" script. An attacker can use this flaw to conduct reflected Cross-Site Scripting (XSS) attacks via various script parameters.
Several vulnerabilities that can lead to the execution of arbitrary code have been discovered in libmodplug, a library for mod music based on ModPlug.
Updated packages are available now.
|
|
| System: |
Red Hat Enterprise Linux 5
|
| Topic: |
Many updates for RHEL 5 |
| Links: |
RHSA-2012-0150,
ESB-2012.0204,
RHSA-2012-0152,
ESB-2012.0195,
RHSA-2012-0153,
ESB-2012.0191,
RHSA-2012-0301,
ESB-2012.206,
RHSA-2012-0302,
ESB-2012.207,
RHSA-2012-0303,
ESB-2012.208,
RHSA-2012-0304,
ESB-2012.209,
RHSA-2012-0305,
ESB-2012.210,
RHSA-2012-0306,
ESB-2012.211,
RHSA-2012-0307,
ESB-2012.212,
RHSA-2012-0308,
ESB-2012.213,
RHSA-2012-0309,
ESB-2012.214,
RHSA-2012-0310,
ESB-2012.215,
RHSA-2012-0311,
ESB-2012.0192,
RHSA-2012-0312,
ESB-2012.0193,
RHSA-2012-0313,
ESB-2012.0194
|
| ID: |
ae-201202-075
|
Several updates are available for Red Hat Enterprise Linux 5.
They address vulnerabilities in util-linux, samba, ImageMagick, vixie-cron, cups, busybox, sos, initscripts, kexec-tools, krb5, boost, kernel, xorg-x11 server, sudo, ibutils as well as nfs-utils.
It's recommended to install these updates.
|
|
|
Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading iso9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that makes use of this functionality.
Updated packages are available now.
|
|
|
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
|
|
|
HP StorageWorks P2000 G3 contains an embedded webserver which is vulnerable to a directory traversal vulnerability which may allow a remote, unauthenticated attacker to obtain sensitive information. A solution to this problem is currently unknown.
|
|
|
In phpMyAdmin a Cross-Site Scripting (XSS) attack is possible. To exploit this vulnerability, a crafted database name is used. It's recommended to upgrade to phpMyAdmin 3.4.10.1 or to apply the corresponding patch.
|
|
|
It was discovered that mumble, a VoIP client, doesn't properly manage permissions on its user-specific configuration files, allowing other local users on the system to access them.
Furthermore, it has been discovered that a heap overflow in the Vorbis audio compression library could lead to the execution of arbitrary code if a malformed Ogg Vorbis file is processed.
Updated packages are available now.
|
|
|
A number of security vulnerabilities have been identified in the management web interface of Citrix XenServer Web Self Service.
These vulnerabilities affect all currently supported versions of Web Self Service prior to version 1.1.1.
These vulnerabilities have been addressed in a new version of the Web Self Service virtual appliance.
|
|
|
An updated thunderbird package that fixes one security issue is now available for Red Hat Enterprise Linux 6.
A heap-based buffer overflow flaw was found in the way Thunderbird handled PNG images.
An HTML mail message or remote content containing a specially-crafted PNG image could cause Thunderbird to
crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird.
|
|
| System: |
Red Hat Enterprise Linux
|
| Topic: |
Vulnerabilities in java-1.6.0-sun |
| Links: |
RHSA-2012-0139,
CVE-2012-0506,
CVE-2012-0505,
CVE-2012-0503,
CVE-2012-0502,
CVE-2012-0501,
CVE-2012-0500,
CVE-2012-0499,
CVE-2012-0498,
CVE-2011-5035,
CVE-2011-3571,
CVE-2011-3563,
ESB-2012.0182
|
| ID: |
ae-201202-067
|
Updated java-1.6.0-sun packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise
Linux 5 and 6 Supplementary.
|
|
|
Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause
Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software
to reload when the IP stack processes a malformed IP packet.
New updates are available.
|
|
| System: |
Many
|
| Topic: |
Vulnerabilities in Adobe Flash Player |
| Links: |
APSB12-03,
CVE-2012-0767,
CVE-2012-0756,
CVE-2012-0755,
CVE-2012-0754,
CVE-2012-0753,
CVE-2012-0752,
CVE-2012-0751,
ESB-2012.0180,
RHSA-2012-0144,
ESB-2012.0185 |
| ID: |
ae-201202-065
|
Several vulnerabilities have been discovered in Adobe Flash player.
New updates are available for download.
|
|
|
IBM Rational License Key Server and IBM Rational License Key Administrator have upgraded the JRE that
they package in order to mitigate a security vulnerability in Java Runtime Environment.
|
|
|
An integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed, was discovered.
New packages are available for download to address this issue.
|
|
|
Several vulnerabilities have been discovered in debdiff, a script used to compare two Debian packages,
which is part of the devscripts package.
New packages are available for download.
|
|
|
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other products,
allows remote attackers to cause a denial of service via a PDF document containing a crafted Type 1 font
that triggers an invalid memory read, integer overflow, and invalid pointer dereference.
New packages are available for download.
|
|
| System: |
Red Hat Enterprise Linux
|
| Topic: |
Vulnerabilities in rhev-hypervisor6 |
| Links: |
RHSA-2012-0109,
CVE-2012-0056,
CVE-2012-0050,
CVE-2012-0029,
CVE-2011-4619,
CVE-2011-4609,
CVE-2011-4577,
CVE-2011-4576,
CVE-2011-4108,
CVE-2009-5029,
ESB-2012.0174
|
| ID: |
ae-201202-060
|
An updated rhev-hypervisor6 package that fixes multiple security issues and
various bugs is now available.
|
|
|
Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers
to inject arbitrary web script or HTML via a crafted URL.
New updates are available.
|
|
|
Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in
phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject
arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php.
New packages are available.
|
|
| System: |
Many
|
| Topic: |
Vulnerabilities in java-1.6.0-openjdk |
| Links: |
RHSA-2012-0135,
CVE-2012-0506,
CVE-2012-0505,
CVE-2012-0503,
CVE-2012-0502,
CVE-2012-0501,
CVE-2012-0497,
CVE-2011-5035,
CVE-2011-3571,
CVE-2011-3563,
ESB-2012.0171
|
| ID: |
ae-201202-057
|
Updated java-1.6.0-openjdk packages that fix several security issues are
now available for Red Hat Enterprise Linux 6.
|
|
|
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures,
which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Ogg Vorbis file.
New updates are available for download to eliminate this vulnerability.
|
|
|
Multiple vulnerabilities in the Linux kernel may allow local attackers
to execute arbitrary code with the privileges of the kernel.
New updates are available for download, to eliminate these vulnerabilities.
|
|
|
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly calculate the length of an unspecified buffer,
which allows remote attackers to execute arbitrary code via a crafted XAML browser application.
New updates are available.
|
|
|
Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files,
which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file.
New updates are available.
|
|
|
Untrusted search path vulnerability in the Indeo filter (iac25_32.ax) in Microsoft Windows allows local users,
and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse iacenc.dll
that is located in the same folder as an AVI.
New updates are available.
|
|
|
Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1
allows remote attackers to execute arbitrary code via a crafted media file.
New updates are available.
|
|
|
A vulnerability in color control panel could allow remote attackers to execute arbitrary code.
New updates are available.
|
|
|
Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1
and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML
via JavaScript sequences in a URL.
New updates are available.
|
|
|
Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers
to execute arbitrary code by accessing a deleted object.
New updates are available.
|
|
|
Afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly validate user-mode input passed to kernel mode,
which allows local users to gain privileges via a crafted application.
New updates are available.
|
|
|
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows
allows local users to gain privileges via a crafted application that triggers keyboard layout errors.
New updates are available.
|
|
|
A vulnerability has been found and corrected in ASF APR.
tables/apr_hash.c in the Apache Portable Runtime (APR) library through
1.4.5 computes hash values without restricting the ability to trigger
hash collisions predictably, which allows context-dependent attackers
to cause a denial of service via crafted input to an application that maintains a hash table.
A new update is available.
|
|
|
The solidDB server can shut down abnormally when running a query
where a part of the WHERE condition is made fully redundant by other conditions.
A new update is available.
|
|
| System: |
Debian GNU/Linux
|
| Topic: |
Vulnerabilities in php5 |
| Links: |
dsa-2408,
CVE-2012-0831,
CVE-2012-0788,
CVE-2012-0781,
CVE-2011-4153,
CVE-2011-3267,
CVE-2011-3182,
CVE-2011-1657,
CVE-2011-1470,
CVE-2011-1469,
CVE-2011-1468,
CVE-2011-1467,
CVE-2011-1464,
CVE-2011-1148,
CVE-2011-1092,
CVE-2011-1072,
CVE-2010-4697,
ESB-2012.0159
|
| ID: |
ae-201202-043
|
Several vulnerabilities have been discovered in PHP, the web scripting language.
New packages are available for download to fix these issues.
|
|
|
Updated httpd packages that fix multiple security issues are now available
for Red Hat Enterprise Linux.
|
|
|
Updated mysql packages that fix several security issues are now available
for Red Hat Enterprise Linux.
|
|
| System: |
Red Hat Enterprise Linux |
| Topic: |
Vulnerabilities in glibc |
| Links: |
RHSA-2012-0125,
RHSA-2012-0126,
CVE-2011-4609,
CVE-2011-1659,
CVE-2011-1095,
CVE-2011-1089,
CVE-2011-1071,
CVE-2011-0830,
CVE-2010-0296,
CVE-2009-5064,
CVE-2009-5029,
ESB-2012.0156
|
| ID: |
ae-201202-040
|
Updated glibc packages that fix multiple security issues and one bug are
now available for Red Hat Enterprise Linux.
|
|
|
Multiple denial of service (DoS) vulnerabilities in the Ing. Punzenberger
COPA-DATA GmbH zenon human-machine interface (HMI) system have been identified.
Successful exploitation of these vulnerabilities may allow an attacker to
execute a denial of service (DoS) attack and potentially execute arbitrary code.
New updates are available.
|
|
|
Cross-site scripting (XSS) and write access violation vulnerabilities in the
Invensys Wonderware HMI reports product have been identified.
Successful attacks could result in data leakage, denial of service, or remote
code execution.
New updates are available.
|
|
|
A File Inclusion vulnerability was discovered and corrected in GLPI. The advisory provides the latest version of GLPI (0.80.7) that is not vulnerable to this issue.
|
|
|
An update for JBoss Enterprise Application Platform 5.1.2 that fixes one security issue is now available from the Red Hat Customer Portal. If not fixed, a local user might access privileged data.
|
|
|
Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 5. Exploiting them might allow local users to cause a Denial-of-Service (DoS) or a root compromise. Installing this update is therefore recommended.
|
|
|
Several vulnerabilities have been discovered in Icedove, Debian's variant of the Mozilla Thunderbird code base. Exploiting them might lead to a Denial-of-Service (DoS), access to confidential data or remote code execution.
It has been discovered that a malicious CVS server could cause a heap overflow in the CVS client, potentially allowing the server to execute arbitrary code on the client.
Updated packages are available now.
|
|
|
A potential security vulnerability has been identified with HP System Management Homepage (SMH) for Linux and Windows. The vulnerability could be exploited remotely resulting in unauthorized disclosure of information.
HP has referenced a workaround to resolve the vulnerabilities.
|
|
| System: |
Red Hat Enterprise Linux |
| Topic: |
Vulnerabilities in Squirrelmail, MySQL, and libxml2 |
| Links: |
RHSA-2012-0103,
CVE-2010-1637,
CVE-2010-2813,
CVE-2010-4554,
CVE-2010-4555,
CVE-2011-2023,
CVE-2011-2752,
CVE-2011-2753,
RHSA-2012-0104,
CVE-2011-3919,
ESB-2012.0145,
RHSA-2012-0105,
ESB-2012.0146 |
| ID: |
ae-201202-032
|
SquirrelMail is a standards-based webmail package written in PHP.
Some vulnerabilities have been found, allowing e.g. Cross-Site Scripting (XSS) attacks, Cross-Site Request Forgery (CSRF) attacks or a Denial-of-Service (DoS).
The libxml2 library is a development toolbox providing the implementation of various XML standards.
A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names.
A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2,
would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the
application.
MySQL is a multi-user, multi-threaded SQL database server. Several vulnerabilities might allow local users a Denial-of-Service (DoS) or access to confidential data.
Updated packages address these issues.
|
|
|
The ISC BIND 9 resolver contains a vulnerability that could allow an attacker to keep a domain name in the cache even after it has been deleted from registration. This is not only a problem of BIND because it's due to design issues in the DNS protocol. A solution isn't available now.
|
|
|
Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) and Business Service Management (BSM). The vulnerabilities could be remotely exploited to allow unauthorized access to sensitive information.
HP has made procedures available to resolve the vulnerabilities.
|
|
|
Several vulnerabilities have been found in Tomcat, a servlet and JSP engine, which may lead to information disclosure, reduced security,
or may enable Denial-of-Service (DoS).
New updates are available.
|
|
|
GLPI is a web-based software for IT resource management.
The autocompletion functionality in GLPI before 0.80.2 doesn't blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request. Updated packages are available now.
|
|
|
Red Hat Network (RHN) Proxy provides a mechanism for caching content, such as package updates from Red Hat.
If a user submits a system registration XML-RPC call to a RHN Proxy server and that call fails, their RHN user password is included in plain text in the error messages. With an update, user passwords are excluded from these error messages to avoid the exposure of authentication credentials.
|
|
|
Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation IT infrastructure for enterprise computing.
Updated Grid component packages that fix multiple security issues, multiple bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux.
|
|
|
A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code.
HP has made a hotfix available.
|
|
|
Security Update 2012-001 v1.1 is now available
for Mac OS X v10.6.8 systems to address a compatibility
issue.
Version 1.1 of this update removes the ImageIO security
fixes released in Security Update 2012-001.
|
|
|
Several vulnerabilities have been discovered in Cacti, a graphing tool for monitoring data.
Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML.
An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.
New packages are available.
|
|
|
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12,
and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code
via crafted legacy mode packets.
New packages are available.
|
|
|
It was discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update
was flawed such that it allows remote attackers to crash PHP or potentially execute code.
New updates are available.
|
|
|
Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.
These vulnerabilities may allow remote attackers to execute arbitrary code.
New updates are available.
|
|
|
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox.
The included XULRunner library provides rendering services for several other applications included in Debian.
New updates are available.
|
|
| System: |
Debian GNU/Linux |
| Topic: |
Vulnerabilities in tomcat6 |
| Links: |
dsa-2401,
CVE-2012-0022,
CVE-2011-5064,
CVE-2011-5063,
CVE-2011-5062,
CVE-2011-4858,
CVE-2011-3375,
CVE-2011-3190,
CVE-2011-2526,
CVE-2011-2204,
CVE-2011-1184,
ESB-2012.0132
|
| ID: |
ae-201202-018
|
Several vulnerabilities have been found in Tomcat, a servlet and JSP engine, which may lead to information disclosure, reduced security,
or may enable denial of service (DoS).
New updates are available.
|
|
|
AIX could allow a remote attacker to cause a denial of service, caused by
an error when the TCP large send offload option is enabled on a network
interface. By sending a specially-crafted sequence of packets, an attacker
could exploit this vulnerability to cause a kernel panic.
A new update is available.
|
|
|
EMC Documentum xPlore contains an information
disclosure vulnerability that may allow unauthorized users, under certain
circumstances, to see certain information on protected objects in an xPlore
search result.
A new update is available.
|
|
|
Several vulnerabilities have been discovered in Cacti, a graphing tool for monitoring data. Multiple Cross-Site Scripting (XSS) issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.
Updated packages are available now.
|
|
|
Project Open is the link between ERP and Project Management.
A Cross-Site Scripting (XSS) vulnerability might allow attackers to run script code in a victim's browser in the context of the web server.
Until now, an update isn't available.
|
|
|
The EMC Documentum Content Server 6.x contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system. Patches are available now.
|
|
|
A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code.
HP has made a hotfix available for affected products.
|
|
|
An environmental variable disclosure vulnerability has been found in RSA enVision. This could allow an unauthenticated user to gain information about the web system setup. RSA strongly recommends an upgrade to RSA enVision 4.1 P3 or V4.0 SP4 P5.
|
|
|
A potential security vulnerability has been identified with HP Data Protector Media Operations. This vulnerability could be remotely exploited to allow execution of arbitrary code.
HP has provided a patch to resolve this vulnerability.
|
|
|
Bugzilla is a Web-based bug-tracking system. Two vulnerabilities have been found within Bugzilla.
When a user creates a new account, Bugzilla doesn't correctly reject E-Mail addresses containing non-ASCII characters, which could be used to impersonate another user account. Additionally, a Cross-Site Request Forgery (CSRF) vulnerability in the implementation of the JSON-RPC API could be used to make changes to bugs or execute some admin tasks without the victim's knowledge.
The fixes for these issues are included in the 3.4.14, 3.6.8, 4.0.4, and 4.2rc2 releases of Bugzilla.
|
|
| System: |
Red Hat Enterprise Linux |
| Topic: |
Vulnerabilities in PHP, freetype, and ghostscript |
| Links: |
RHSA-2012-0092,
RHSA-2012-0093,
CVE-2011-4885,
CVE-2012-0830,
ESB-2012.0121,
ESB-2012.0120,
RHSA-2012-0094,
CVE-2011-3256,
CVE-2011-3439,
ESB-2012.0123,
RHSA-2012-0095,
RHSA-2012-0096,
CVE-2009-3743,
CVE-2010-2055,
CVE-2010-4054,
CVE-2010-4820,
ESB-2012.0124 |
| ID: |
ae-201202-008
|
It has been discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
FreeType is a font engine that can open and manage font files.
Multiple input validation flaws have been found in the way FreeType processes bitmap font files and CID-keyed fonts. Specially crafted files might cause an application linked against FreeType to crash or allow an attacker to execute arbitrary code on the vulnerable system.
Ghostscript is a set of software that provides e.g. a PostScript interpreter. Several well known vulnerabilities might cause a Denial-of-Service (DoS) or remote code execution.
Updated packages are available now.
|
|
|
Several vulnerabilities have been found in Tomcat, a servlet and JSP engine.
Exploiting them might allow remote and unauthenticated attackers access to confidential data or Denial-of-Service (DoS).
It has been discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
Updated packages are available now.
|
|
|
Multiple vulnerabilities have been found in Drupal Core. They might allow a Cross-Site Request Forgery (XSRF) attack, a Denial-of-Service (DoS) or unauthorized access. Users should upgrade to Drupal 6.23 or 7.11, respectively.
|
|
|
OS X Lion v10.7.3 and Security Update 2012-001 are now available and address many security-related problems. This update is recommended.
|
|
|
Updated openssl packages that fix two security issues are now available for Red Hat Enterprise Linux 4.
Please note that RHEL 4 is supported only until the end of February 2012!
|
|
|
JBoss Operations Network 2.4.2, which fixes multiple security issues and several bugs, is now available from the Red Hat Customer Portal. Since some relevant security issues are fixed with this version, an upgrade is recommended.
|
|
|
VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues. So it's strongly recommended to upgrade as soon as possible.
|
|
|
A user's 802.1X WiFi credentials and SSID information may be exposed to any application with basic WiFi permissions on certain HTC builds of Android. An attacker may be able to view and exfiltrate WiFi SSID information and credentials. Updating vulnerable phones remedies this problem.
|
|