Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution on x86 hardware:
DSA-3045 qemu – security update
Several vulnerabilities were discovered in qemu, a fast processor
emulator:
HP Security Bulletin HPSBMU02895 SSRT101253 3
HP Security Bulletin HPSBMU02895 SSRT101253 3 – Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 3 of this advisory.
HP Security Bulletin HPSBMU03118
HP Security Bulletin HPSBMU03118 – Potential security vulnerabilities have been identified with HP Systems Insight Manager (SIM) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Cross-site Scripting (XSS), remote privilege elevation, and Clickjacking. Revision 1 of this advisory.
HP Security Bulletin HPSBHF03124
HP Security Bulletin HPSBHF03124 – Potential security vulnerabilities have been identified with certain HP Thin Clients running bash. The vulnerabilities, known as Shellshock, could be exploited remotely to allow execution of code. Revision 1 of this advisory.
Ultra Electronics SSL VPN 7.2.0.19 / 7.4.0.7 SQL Injection / Directory Creation
Ultra Electronics SSL VPN versions 7.2.0.19 and 7.4.0.7 suffer from directory creation and remote SQL injection vulnerabilities.
Mandriva Linux Security Advisory 2014-192
Mandriva Linux Security Advisory 2014-192 – The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service via an empty quoted string in an RFC 2822 address. The Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service via vectors related to backtracking into the phrase.
Mandriva Linux Security Advisory 2014-193
Mandriva Linux Security Advisory 2014-193 – A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an excessive amount of CPU.
HP Security Bulletin HPSBHF03119 2
HP Security Bulletin HPSBHF03119 2 – A potential security vulnerability has been identified with HP DreamColor Z27x Professional Display running Bash Shell. This is the Bash Shell vulnerability known as “ShellShock” which could be exploited remotely to allow execution of code. NOTE: Only the HP DreamColor Z27x model is vulnerable. Revision 2 of this advisory.
Ubuntu Security Notice USN-2369-1
Ubuntu Security Notice 2369-1 – It was discovered that file incorrectly handled certain CDF documents. An attacker could use this issue to cause file to hang or crash, resulting in a denial of service.