Frederic Cambus

**Name of the Vulnerable Software and Affected Versions** Lout version 3.40 **Description** The issue is related to a heap-based buffer overflow in the srcnext() function, located in the z02.c file. **Recommendations** For version 3.40, consider disabling the srcnext() function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Lout version 3.40 **Description** The issue is related to a buffer overflow in the StringQuotedWord() function, located in the z39.c file. **Recommendations** For Lout version 3.40, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xfig fig2dev version 3.2.7b **Description** The issue is related to an out-of-bounds write in the `read colordef` function in `read.c`. **Recommendations** For Xfig fig2dev version 3.2.7b, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** ATasm version 1.06 **Description** The issue is a stack-based buffer overflow in the `get signed expression()` function, located in setparse.c, which can be triggered by a crafted .m65 file. **Recommendations** For ATasm version 1.06, as a temporary workaround, consider disabling the `get signed expression()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ATasm version 1.06 **Description** The issue is a stack-based buffer overflow in the `to comma()` function, located in `asm.c`, which can be triggered by a crafted `.m65` file. **Recommendations** For ATasm version 1.06, consider disabling the `to comma()` function until a patch is available to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** ATasm version 1.06 **Description** The issue is a stack-based buffer overflow in the `parse expr()` function, located in setparse.c, which can be triggered by a crafted .m65 file. **Recommendations** For ATasm version 1.06, as a temporary workaround, consider disabling the `parse expr()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a stack-based buffer overflow in the `read textobject` function in `read.c` due to an incorrect use of `sscanf`. This can lead to a denial of service. The vulnerability may allow a remote attacker to cause a service disruption. **Recommendations** For fig2dev version 3.2.7b, consider applying a patch or fix that corrects the `sscanf` usage in the `read textobject` function to prevent the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Brandy version 1.20.1 **Description** The issue is related to a heap-based buffer overflow in the define array function within the variables.c file. This overflow can be triggered by crafted BASIC source code. **Recommendations** For Brandy version 1.20.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Brandy version 1.20.1 **Description** The issue is a stack-based buffer overflow in the `fileio openin` function located in `fileio.c`. This occurs when the software processes crafted BASIC source code. **Recommendations** For Brandy version 1.20.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Brandy version 1.20.1 **Description** The issue is a stack-based buffer overflow in the fileio openout function in fileio.c, which can be triggered by crafted BASIC source code. **Recommendations** For Brandy version 1.20.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Xfig fig2dev version 3.2.7a **Description** The issue is related to a buffer overflow in the `calc arrow` function, which can be exploited by an attacker using a specially crafted .fig file, potentially leading to a denial of service. **Recommendations** For Xfig fig2dev version 3.2.7a, consider disabling the `calc arrow` function in the bound.c file as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MCPP version 2.7.2 **Description** The issue is a heap-based buffer overflow in the `do msg()` function located in support.c. This overflow can potentially lead to arbitrary code execution, allowing an attacker to execute malicious code on the affected system. **Recommendations** For MCPP version 2.7.2, as a temporary workaround, consider disabling the `do msg()` function until a patch is available. However, at the moment, there is no information about a newer version that contains a fix for this issue.