Vulnerable HSQLDB; ARCServe and BorderManager

Two different applications implementing HSQLDB contain vulnerabilities. The first is in OpenOffice, where there is an unspecified error in the HSQLDB database that can be exploited to execute Java code through a malicious database document. OpenOffice versions prior to 2.3.1 are affected. Next, JBOSS is affected by remote command injection vulnerability. Due to certain flaws, an attacker can pass commands to the HSQLDB component on TCP port 1701 (for JBOSS 3.2.1) or TCP port 1476 (for JBOSS 3.0.8). Multiple attacks can be performed leveraging this vulnerability, such as command execution in the database and potentially the OS, Denial of Service, etc. This issue is reported to exist with JBOSS 3.2.1/3.0.8 on any Java 1.4.x-enabled platforms. Other versions may also be affected.

CA BrightStor ARCServe BackUp R11.5 is affected by a remote stack overflow vulnerability. The flaw exists in the CA BrightStor Message Engine. This is a result of errors in the handling of RPC requests to TCP port 6504. Successful exploitation of this vulnerability will result in remote code execution. CA has released an update for this issue, available at http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp

Novell BorderManager 3.8 SP5 contains multiple vulnerabilities. An issue in the Novell Client Trust can be exploited to execute arbitrary code. An error in handling certain encoded HTTP traffic can be exploited to bypass security controls. Also, proxy authentication can be bypass when the traffic is sourced from another proxy. Novell has released Support Pack5 Interim Release 1, available at http://download.novell.com/Download?buildid=_E_defvCXnE~.