Please read this bulletin for a description and solutions on all the above mentioned issues:
TYPO3 Security Bulletin TYPO3-SA-2009-001: Multiple vulnerabilities in TYPO3 Core
We also recommend that you subscribe to the TYPO3 Announce List to receive all future Security Bulletins and other important TYPO3 news.