http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 - gpdf is used in various programs including (1) poppler, (2) xpdf, (3) kpdf, (4) kdegraphics, (5) CUPS and (6) tetex, and others. This vulnerability is in gpdf prior to version 2.8.2. Please check with your OS provider for updates of any programs with the ability to read PDFs.
http://research.eeye.com/html/alerts/zeroday/20070606.html - ActiveX controls used with Yahoo! Webcam image upload and view utilities could lead to remote compromise of client machines. Yahoo! has released a patch, link available at the above location.
http://secunia.com/advisories/25183/ - Four specific vulnerabilities allow for exploits on both clients and the server in the range of Denial of Service (DoS) to running arbitrary code. This affects Exchange 2000 Enterprise Server, Exchange 2000, 2003 and 2007. Patches are available for each of these systems and links are provided at the URL above.
http://www.securityfocus.com/bid/23447/info - It appears that a bounds checking error in the IPV4 forwarding semantics stack could lead to a remote Denial of Service (DoS) or possibly malicious code execution. This has been fixed in 2.6.21-rc6. RedHat has released updates for RHEL5.
http://www.eweek.com/article2/0,1759,2132245,00.asp?kc=EWRSS03129TX1K000... - A specially crafted html file could lead to a remote exploitation of a users machine. Symantec has a fix that should be applied.
http://isc.sans.org/diary.php?storyid=2804 - Three vulnerabilities were fixed in the 3.0.25 release of Samba. These vulnerabilities could lead to remote exploitation of Samba servers. It is recommended to test this new release of Samba and deploy it at your earliest outage window.
http://support.microsoft.com/gp/lifesupsps#Windows - Microsoft is no longer offering updates for Windows 2003 Server (SP0) as of April 10, 2007. If you are still running this version of Windows, it may be time to update to Service Pack one or two (SP1, SP2).
http://secunia.com/advisories/24122 - There is a vulnerability in versions of Microsoft Word from Office 2000, 2003, 2004 (Mac) and Microsoft Works that could allow for remote exploitation. This would require the user to open a crafted Word document. This vulnerability was reported in February 2007, and Microsoft just verified the problem and released patches.
http://www.heise-security.co.uk/news/89228/from/atom10 - It appears that three plugins by the same author are suceptible to attack: myFlash, wordTube and wp-Table. Upgrading to the latest version or removing them from the system is the best bet for protection.
http://docs.info.apple.com/article.html?artnum=305391 - This is the second security update in as many months from Apple targetting Mac OS 10.3.9 through 10.4.9. This update fixes various vulnerabilities in the Macintosh operating system and related applications. There has been one IAS related report of difficulty with this update that required multiple reboots to resolve. It is recommended that this patch be tested and your users updated about the issues.