SECUNIA ADVISORY ID: SA25648

VERIFY ADVISORY: http://secunia.com/advisories/25648/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE:
OpenOffice 1.1.x - http://secunia.com/product/302/
OpenOffice.org 2.x - http://secunia.com/product/6157/
OpenOffice 1.0.x - http://secunia.com/product/303/

DESCRIPTION: A vulnerability has been reported in OpenOffice, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the parsing of RTF files and can be exploited to cause a heap based buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code.

SOLUTION: Do not open untrusted RTF files.

PROVIDED AND/OR DISCOVERED BY: Reported in a Debian advisory crediting John Heasman.

ORIGINAL ADVISORY: http://www.us.debian.org/security/2007/dsa-1307

SECUNIA ADVISORY ID: SA25640

VERIFY ADVISORY: http://secunia.com/advisories/25640/

CRITICAL: Highly critical

IMPACT: Privilege escalation, System access

WHERE: >From remote

OPERATING SYSTEM:
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows XP Home Edition - http://secunia.com/product/16/
Microsoft Windows XP Professional - http://secunia.com/product/22/
Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/
Microsoft Windows Storage Server 2003 - http://secunia.com/product/12399/

DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a user's system.
 Read More...

SECUNIA ADVISORY ID: SA25639

VERIFY ADVISORY: http://secunia.com/advisories/25639/

CRITICAL: Highly critical

IMPACT: Security Bypass, Exposure of sensitive information, System access

WHERE: >From remote

OPERATING SYSTEM:
Microsoft Windows XP Professional - http://secunia.com/product/22/
Microsoft Windows XP Home Edition - http://secunia.com/product/16/
Microsoft Windows Vista - http://secunia.com/product/13223/
Microsoft Windows Storage Server 2003 - http://secunia.com/product/12399/
Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/
Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/
Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/

SOFTWARE: Microsoft Outlook Express 6 - http://secunia.com/product/102/

DESCRIPTION: Some vulnerabilities have been reported in Microsoft Outlook Express and Windows Mail, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
 Read More...

SECUNIA ADVISORY ID: SA25620

VERIFY ADVISORY: http://secunia.com/advisories/25620/

CRITICAL: Highly critical

IMPACT: DoS, System access

WHERE: >From remote

OPERATING SYSTEM:
Microsoft Windows 2000 Advanced Server - http://secunia.com/product/21/
Microsoft Windows 2000 Datacenter Server - http://secunia.com/product/1177/
Microsoft Windows 2000 Professional - http://secunia.com/product/1/
Microsoft Windows 2000 Server - http://secunia.com/product/20/
Microsoft Windows XP Home Edition - http://secunia.com/product/16/
Microsoft Windows XP Professional - http://secunia.com/product/22/
Microsoft Windows Server 2003 Datacenter Edition - http://secunia.com/product/1175/
Microsoft Windows Server 2003 Enterprise Edition - http://secunia.com/product/1174/
Microsoft Windows Server 2003 Standard Edition - http://secunia.com/product/1173/
Microsoft Windows Server 2003 Web Edition - http://secunia.com/product/1176/
Microsoft Windows Storage Server 2003 - http://secunia.com/product/12399/

DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
 Read More...

SECUNIA ADVISORY ID: SA25619

VERIFY ADVISORY: http://secunia.com/advisories/25619/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE:
Microsoft Office 2003 Student and Teacher Edition - http://secunia.com/product/2278/
Microsoft Office 2003 Standard Edition - http://secunia.com/product/2275/
Microsoft Office 2003 Small Business Edition - http://secunia.com/product/2277/
Microsoft Office 2003 Professional Edition - http://secunia.com/product/2276/
Microsoft Visio 2003 - http://secunia.com/product/1092/
Microsoft Visio 2002 - http://secunia.com/product/1091/

DESCRIPTION: Two vulnerabilities have been reported in Microsoft Visio, which can be exploited by malicious people to compromise a user's system.
 Read More...

SECUNIA ADVISORY ID: SA25626

VERIFY ADVISORY: http://secunia.com/advisories/25626/

CRITICAL: Highly critical

IMPACT: System access

WHERE: >From remote

SOFTWARE: PHPMailer 1.x - http://secunia.com/product/5177/

DESCRIPTION: Thor Larholm has discovered a vulnerability in PHPMailer, which can be exploited by malicious people to compromise a vulnerable system.
 Read More...