Gyu Tae

**Name of the Vulnerable Software and Affected Versions** BankTown Client Control (aka BtCxCtl20Com) versions 1.4.2.51817 through 1.5.2.50209 **Description** The issue allows remote attackers to execute arbitrary code via a long string in the first argument to the `SetBannerUrl` function. **Recommendations** For versions 1.4.2.51817 through 1.5.2.50209, consider restricting the length of the string passed to the `SetBannerUrl` function to prevent buffer overflow until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NateOn Messenger (affected versions not specified) **Description** The issue concerns the ActiveX control NateOn Messenger, specifically the NateonDownloadManager.ocx component. It allows remote attackers to download and execute arbitrary programs. This is achieved by setting specific arguments to the `GotNate.Excute` method. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NateOn Messenger (affected versions not specified) **Description** The issue is related to a buffer overflow in the ActiveX control for NateOn Messenger, specifically in the NateonDownloadManager.ocx component. This buffer overflow can be triggered by passing a long third argument to the `GotNate.Excute` method, allowing remote attackers to cause a denial of service (crash) and potentially execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.