http://secunia.com/advisories/29838/ - Adobe Photoshop Album Starter Edition 3.2 and Adobe After Effects CS3 (and possibly other Adobe products) are affected by a buffer overflow vulnerability that could lead to system compromise. An update is not yet available. Users should avoid opening untrusted BMP files.
http://secunia.com/advisories/29786/ - Red Hat has released a new version of ImageMagick which fixes DoS and system compromise vulnerabilities. This new release affects RHEL 2.1, 3, 4 and 5. It is suggested to test and update during the next scheduled outage window.
http://secunia.com/advisories/29836/ - Poppler is a PDF rendering engine used by xpdf, evince and other tools. There is a system compromise vulnerability that can be exploited by processing malicious PDF files. Red Hat has released poppler-0.5.4-4.4 to fix this vulnerability. It is suggested to test and update to this version during the next outage window.
http://secunia.com/advisories/27124/ - A vulnerability in the plugins for Nagios could lead to system compromise. Successful exploitation requires that a connection is made to a malicious web server. This affects versions prior to 1.4.10. Fedora just released updates for nagios-plugins for Fedora 7 and Fedora 8.
http://secunia.com/advisories/29852/ - Multiple vulnerabilities in OpenOffice prior to version 2.4 exist that could allow for system compromise. It is recommended to update to v2.4. This attack requires the user to open a malicious document, so it is advised not to open files from unverified sources.
http://secunia.com/advisories/29000/ - Some vulnerabilities have been reported in ClamAV, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service), or to compromise a vulnerable system. These affect versions prior to 0.93 and have been fixed in v0.93. It is suggested to test and update to this version as soon as possible for systems scanning email, and during the next outage window for other systems not performing real-time scanning.
http://secunia.com/advisories/29569/ - Multiple dissectors within Wireshark (née Ethereal) can be exploited to cause a denial of service. This affects versions prior to 1.0.0. It is recommended to upgrade if you use this tool.
http://www.mozilla.com/en-US/firefox/18.104.22.168/releasenotes/ - Multiple vulnerabilities were found in versions 22.214.171.124 and 126.96.36.199 which could lead to many different types of information disclosure, cross-site scripting and possibly even system compromise. It is recommended to update to v188.8.131.52 at the next outage window. It is also noted that v1.5.x of Firefox has not been supported for almost a year and upgrading to 2.0 is highly recommended.
http://secunia.com/advisories/29503/ - Multiple vulnerabilities affect VLC version 0.8.6e and below. These vulnerabilities can lead to system exploitation. It requires the user to open a malicious media file. It is recommended to upgrade to version 0.8.6f at your earliest convenience.
http://secunia.com/advisories/29200/ - By coaxing a phpMyAdmin user to view a malicious file on the same web server as phpMyAdmin, it is possible to overwrite a vulnerable cookie on that user's system. This cookie could allow for arbitrary SQL injection via phpMyAdmin. This vulnerability poses low to no risk as the attack method requires access to the web server hosting phpMyAdmin. It is recommended that the available patch to version 2.11.5 be applied during the next update schedule for phpMyAdmin.