A vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an
invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for
scanning. The risk is MEDIUM. In some configurations, such as when ClamAV is used in combination with mail servers, this could cause
a system to "fail open," facilitating a follow-on viral attack.

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service
or the execution of arbitrary code. The risk is MEDIUM. May lead to denial of service or the execution of arbitrary code.

It was discovered that Gaim, an multi-protocol instant messaging client, was vulnerable to several integer overflows in
its MSN protocol handlers. These could allow a remote attacker to execute arbitrary code. The risk is MEDIUM. These could allow a
remote attacker to execute arbitrary code.

An exploit has been public which may impact the availability, confidentiality or integrity of WebLogic Server applications
which use the Apache web server configured with the WebLogic plug-in for Apache. This vulnerability may be remotely exploitable without
authentication, i.e. it may be exploited over a network without the need for a username and password. The risk is MEDIUM. A remote,
authenticated attacker may be able to execute arbitrary code.

RealPlayer contains a buffer overflow vulnerability that may allow an attacker to execute code on a vulnerable system.
The risk is MEDIUM. BY convincing a user to visit a website, a remote attacker may be able to execute arbitrary code.

The PDF Distiller service that is provided with BlackBerry Enterprise Server contains a vulnerability that may allow a
remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The risk is MEDIUM. By convincing a user to open
a spsecially-crafted PDF attachment on a BlackBerry smartphone, a remote, unauthenticated attacker may be able to execute arbitrary
code on the system that runs the BlackBerry Attachment Service.

It was discovered that afuse, an automounting file system in user-space, did not properly escape meta characters in paths.
This allowed a local attacker with read access to the file system to execute commands as the owner of the file system. The risk is
LOW. This allows a local attacker with read access to the file system to execute commands as the owner of the file system.

Several remote vulnerabilities have been discovered in the Common Unix Printing System (CUPS). The risk is LOW. Could
possibly run arbitrary code through crafted HP-GL and GIF files.

It was discovered that a buffer overflow in the RC4 functions of libexslt may lead to the execution of arbitrary code.
The risk is MEDIUM. May lead to the execution of arbitrary code.

It was discovered that OpenSC, a library and utilities to handle smart cards, would initialise smart cards with the
Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN. The risk is
MEDIUM. With this bug anyone can change a user PIN without having the PIN or PUK or the superusers PIN or PUK. However it can not be
used to figure out the PIN.