http://secunia.com/advisories/29000/ - Some vulnerabilities have been reported in ClamAV, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service), or to compromise a vulnerable system. This affects versions prior to 0.93 and have been fixed in v0.93. It is suggested to test and update to this version as soon as possible for systems scanning email, and during the next outage window for other systems not performing real time scanning.
http://secunia.com/advisories/29569/ - Multiple dissectors within wireshark (nee ethereal) can cause a denial of service attack. This affects versions prior to 1.0.0. It is recommended to upgrade if you use this tool.
http://www.mozilla.com/en-US/firefox/220.127.116.11/releasenotes/ - Multiple vulnerabilities were found in version 18.104.22.168 and 22.214.171.124 which could lead to many different types of information disclosure, cross site scripting and possibly even system compromise. It is recommended to update to v126.96.36.199 at the next outage window. It is also noted that v1.5.x of Firefox has not been supported for almost a year and upgrading to 2.0 is highly recommended.
http://secunia.com/advisories/29503/ - Multiple vulnerabilities affect VLC version 0.8.6e and below. These vulnerabilities can lead to system exploitation. It requires the user to open a malicious media file. It is recommended to upgrade to version 0.8.6f at your earliest convenience.
http://secunia.com/advisories/29200/ - By coaxing a phpMyAdmin user to view a malicious file on the same web server as phpMyAdmin, it is possible to overwrite a vulnerable cookie on that users system. This cookie could allow for arbitrary SQL injection via phpMyAdmin. This vulnerability poses low to no risk as the attack method requires access to the web server hosting phpMyAdmin. It is recommended that the available patch to version 2.11.5 should be applied during the next update schedule for phpMyAdmin.
http://secunia.com/advisories/29103/ - In versions prior to 8.62, a zseticcspace() buffer overflow could result in arbitrary code execution by a malicious user. It would require the malicious user to upload a malicious postscript file to a system or coax a user into viewing a malicious postscript file. It is recommended to update to v8.62.
http://www.securityfocus.com/bid/26367/info - Xpdf is vulnerable to arbitrary code execution in the context of the xpdf process. This exploit requires convincing the victim to open a malicious pdf file. Xpdf 3.02pl1 is vulnerable to these issues; other versions may also be affected. A patch is available which fixes this hole (ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch). It is recommended to update xpdf when the vendor releases a new version.
http://secunia.com/advisories/29133/ - Multiple vulnerabilities were fixed in Thunderbird. These include heap overflows, information disclosure, directory traversal, privilege escalation and memory corruption crashes. These problems are fixed in version 188.8.131.52. It is worth mentioning that Thunderbird 1.5 is no longer supported. Mozilla has warned that these issues remain in Thunderbird 1.5.14 and are not scheduled to be fixed. It is recommended that all Thunderbird users upgrade to 184.108.40.206.
http://secunia.com/advisories/29049/ - Netscape has verified multiple vulnerabilities in the Netscape 9.x web browser. These vulnerabilities range from Security Bypass, XSS, Spoofing, PII exposure, DoS, remote system access. Upgrading to version 220.127.116.11 fixes these issues and is recommended.
http://secunia.com/advisories/28994/ - A vulnerability in the cups daemon may allow for a remote DoS or system compromise. This affects version 1.3.5 and possibly prior versions. CUPS v1.3.6 has been released and fixes this vulnerability. It is suggested to upgrade to v1.3.6.