SECUNIA ADVISORY ID: SA22333

VERIFY ADVISORY: http://secunia.com/advisories/22333/

CRITICAL: Highly critical

IMPACT: Exposure of sensitive information, System access

WHERE: >From remote

SOFTWARE:
Microsoft XML Parser 2.x - http://secunia.com/product/12261/
Microsoft XML Core Services 3.x - http://secunia.com/product/12262/
Microsoft Core XML Services (MSXML) 6.x - http://secunia.com/product/6473/
Microsoft Core XML Services (MSXML) 4.x - http://secunia.com/product/6472/
DESCRIPTION: Two vulnerabilities have been reported in Microsoft XML Core Services, which can be exploited by malicious people to disclose certain information and compromise a vulnerable system.

1) An unspecified error exists in the XMLHTTP ActiveX control when interpreting a HTTP server-side redirect. This can be exploited to disclose certain information e.g. via a specially crafted web page.

2) A boundary error exists in the XSLT processing in MSXML. This can be exploited to cause a buffer overflow via a specially crafted web page and allows execution of arbitrary code.  Read More...

SECUNIA ADVISORY ID: SA22339

VERIFY ADVISORY: http://secunia.com/advisories/22339/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.

SOFTWARE:
Microsoft Word 2003 Viewer - http://secunia.com/product/5523/
Microsoft Word 2003 - http://secunia.com/product/4908/  Read More...

SECUNIA ADVISORY ID: SA22282

VERIFY ADVISORY: http://secunia.com/advisories/22282/

CRITICAL: Less critical

IMPACT: Security Bypass

WHERE: Local system

SOFTWARE:
PHP 5.1.x - http://secunia.com/product/6796/
PHP 5.0.x - http://secunia.com/product/3919/
PHP 4.4.x - http://secunia.com/product/5768/
PHP 4.3.x - http://secunia.com/product/922/

DESCRIPTION: Maksymilian Arciemowicz has reported a vulnerability in PHP, which can be exploited by malicious, local users to bypass certain security restrictions. Read More...

SECUNIA ADVISORY ID: SA22349

VERIFY ADVISORY: http://secunia.com/advisories/22349/

CRITICAL: Moderately critical

IMPACT: Manipulation of data

WHERE: >From remote

SOFTWARE: 4images 1.x - http://secunia.com/product/8373/

DESCRIPTION: disfigure has reported a vulnerability in 4images, which can be exploited by malicious people to conduct SQL injection attacks. Read More...

SECUNIA ADVISORY ID: SA22305

VERIFY ADVISORY: http://secunia.com/advisories/22305/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE: User Viewed Posts Tracker 1.x (module for phpBB) - http://secunia.com/product/12231/

DESCRIPTION: XORON has reported a vulnerability in the User Viewed Posts Tracker module for phpBB, which can be exploited by malicious people to compromise a vulnerable system. Read More...

SECUNIA ADVISORY ID: SA22264

VERIFY ADVISORY: http://secunia.com/advisories/22264/

CRITICAL: Moderately critical

IMPACT: Manipulation of data

WHERE: >From remote

SOFTWARE:

PHP Classifieds 7.x - http://secunia.com/product/12226/
PHP Classifieds 6.x - http://secunia.com/product/8084/

DESCRIPTION: Kzar has discovered some vulnerabilities in PHP Classifieds, which can be exploited by malicious people to conduct SQL injection attacks. Read More...