Dino A. Dai Zovi

**Name of the Vulnerable Software and Affected Versions** Apple QuickTime Java extensions (QTJava.dll) (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary code via parameters to the `toQTPointer` method in `quicktime.util.QTHandleRef`. This can be used to modify arbitrary memory when creating `QTPointerRef` objects. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows 2000 Windows XP Windows Server 2003 **Description** The issue concerns the 802.11 wireless client in certain operating systems, which fails to alert users in two scenarios: when it connects to a station in ad hoc mode and when a station in ad hoc mode connects to it. This oversight allows remote attackers to initiate unexpected wireless communication. **Recommendations** For Windows 2000, consider disabling ad hoc mode until a fix is available. For Windows XP, restrict wireless connections to only trusted networks to minimize risk. For Windows Server 2003, avoid using ad hoc mode for wireless connections until the issue is resolved.