nb1 writes:  

Java software allows you to run applications called "applets" that are written in the Java programming language. These applets allow you to play online games, chat with people around the world, calculate your mortgage interest, and view images in 3D. Corporations also use applets for intranet applications and e-business solutions.

Sun Microsystems has issued an update to fix stability and security problems with its Java software. It includes all operating systems. It is recommended that you update to the latest version. It's also necessary to remove the old java environments, not just update the new versions, as an attacker can target the old environments when they are still present.
Java Update 1.5.0_07

TITLE: phpBB Nivisec Hacks List Module Local File Inclusion

SECUNIA ADVISORY ID: SA20359

VERIFY ADVISORY: http://secunia.com/advisories/20359/

CRITICAL: Moderately critical

IMPACT: Exposure of sensitive information

WHERE: >From remote

SOFTWARE: Nivisec Hacks List 1.x (module for phpBB) - http://secunia.com/product/10204/

DESCRIPTION: Mustafa Can Bjorn has discovered a vulnerability in the Nivisec Hacks List module for phpBB, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "phpEx" parameter in admin_hacks_list.php isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from local resources.

Example: http://[host]/admin/admin_hacks_list.php?setmodules=1&board_config[default_lang]=english&phpEx=[file]

Successful exploitation requires that "register_globals" is enabled.

The vulnerability has been confirmed in version 1.20. Other versions may also be affected.

SOLUTION: Edit the source code to ensure that input is properly sanitised. Set "register_globals" to "Off".

PROVIDED AND/OR DISCOVERED BY: Mustafa Can Bjorn

ORIGINAL ADVISORY: http://www.nukedx.com/?viewdoc=37

TITLE: Coppermine Photo Gallery Multiple File Extensions Vulnerability

SECUNIA ADVISORY ID: SA20211

VERIFY ADVISORY: http://secunia.com/advisories/20211/

CRITICAL: Moderately critical

IMPACT: System access

WHERE: >From remote

SOFTWARE: Coppermine Photo Gallery 1.x
http://secunia.com/product/1427/

DESCRIPTION:
A vulnerability has been reported in Coppermine Photo Gallery, which can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is caused due to an error in the handling of file uploads where a filename has multiple file extensions. This can be exploited to upload malicious script files inside the web root (e.g. a PHP script).

Successful exploitation may allow execution of script code depending on the HTTP server configuration (it requires e.g. an Apache server with the "mod_mime" module installed).

The vulnerability has been reported in version 1.4.5. Prior versions may also be affected.

SOLUTION: Update to version 1.4.6.
http://sourceforge.net/project/showfiles.php?group_id=89658

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

nb1 writes:  

Security experts are warning of a critical vulnerability affecting users of Microsoft Word XP and Word 2003. To quote the SANS Internet Storm Center report:

Quote - Emails were sent to specific individuals within the organization that contained a Microsoft Word attachment. This attachment, when opened, exploited a previously-unknown vulnerability in Microsoft Word (verified against a fully-patched system). The exploit functioned as a dropper, extracting a trojan byte-for-byte from the host file when executed. After extracting and launching the trojan, the exploit then overwrote the original Word do***ent with a clean (not infected) copy from payload in the original infected do***ent. As a result of the exploit, Word crashes, informs the user of a problem, and offers to attempt to re-open the file. If the user agrees, the new clean file is opened without incident. They are working with Microsoft on this. Read More...

TITLE: FileZilla Unspecified Buffer Overflow Vulnerability

SECUNIA ADVISORY ID: SA20086

VERIFY ADVISORY: http://secunia.com/advisories/20086/

CRITICAL: Moderately critical

IMPACT: System access

WHERE: >From remote

SOFTWARE: FileZilla 2.x
http://secunia.com/product/2925/

DESCRIPTION:
A vulnerability has been reported in FileZilla, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified boundary error within the handling of replies from an FTP server. This can be exploited to cause a buffer overflow and may allow arbitrary code execution.

Successful exploitation requires that the user is e.g. tricked into connecting to a malicious FTP server.

The vulnerability has been reported in versions prior to 2.2.23.

SOLUTION: Update to version 2.2.23.
http://sourceforge.net/project/showfiles.php?group_id=21558&package_id=15149

PROVIDED AND/OR DISCOVERED BY: Reported by vendor.

ORIGINAL ADVISORY:
http://sourceforge.net/project/shownotes.php?release_id=416790

TITLE: phpMyAdmin "theme" and "db" Cross-Site Scripting Vulnerabilities

SECUNIA ADVISORY ID: SA20113

VERIFY ADVISORY: http://secunia.com/advisories/20113/

CRITICAL: Less critical

IMPACT: Cross Site Scripting

WHERE: >From remote

SOFTWARE: phpMyAdmin 2.x http://secunia.com/product/1720/

DESCRIPTION:
Two vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks.

1) Input passed to the "theme" parameter isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability has been reported in versions prior to 2.8.0.4 for the 2.8.0 branch.

2) Input passed to the "db" parameter isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerability has been reported in some versions prior to 2.8.0.4.

SOLUTION: Update to version 2.8.0.4.
http://www.phpmyadmin.net/home_page/downloads.php

PROVIDED AND/OR DISCOVERED BY:
1) Reported by the vendor.
2) The vendor credits Sven Vetsch/Disenchant.

ORIGINAL ADVISORY:
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-2