Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
Improper fetch cleanup sequencing in the resolver can cause named to crash:A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted ...
libreoffice: Office productivity suite Details: USN-3579-1 fixed a vulnerability in LibreOffice. After upgrading, it was no longer possible for LibreOffice to open documents from certain locations outside of the user"s home directory. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-3579-1 caused a regression in LibreOffice.