Martin Pitt

Name of the Vulnerable Software and Affected Versions: libtiff versions 3.8.2 and earlier libtiff versions 3.6.1 and earlier Description: The issue is related to a buffer overflow in the t2p write pdf string function in tiff2pdf, which can be triggered by a TIFF file with a DocumentName tag containing UTF-8 characters. This can cause a denial of service (crash) and possibly allow the execution of arbitrary code. The vulnerability can be exploited remotely, potentially leading to a violation of confidentiality, integrity, and availability of protected information. Recommendations: For libtiff versions 3.8.2 and earlier, update to a version later than 3.8.2 to resolve the issue. For libtiff versions 3.6.1 and earlier, update to a version later than 3.6.1 to resolve the issue. As a temporary workaround, consider restricting access to TIFF files with UTF-8 characters in the DocumentName tag to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** libcairo (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, resulting in a persistent client crash. This can be achieved by sending an attached text file with "Content-Disposition: inline" in the header and a very long line in the body. The client will repeatedly crash until the e-mail message is manually removed. The cause might be related to a buffer overflow, as demonstrated using an XML attachment. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AbiWord versions prior to 2.2.11 **Description** The issue is related to multiple stack-based buffer overflows in the RTF import feature. This occurs when handling long identifiers in RTF files, which are not properly handled in certain functions. The affected functions include `ParseLevelText`, `getCharsInsideBrace`, `HandleLists`, and `HandleAbiLists` in the file ie imp RTF.cpp. This allows user-assisted attackers to execute arbitrary code. **Recommendations** For AbiWord versions prior to 2.2.11, update to version 2.2.11 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the RTF import feature until a patch is applied. Restrict access to RTF files from untrusted sources to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHP versions 4.4.0 **Description** The issue arises from improper restriction of access to other directories when the open basedir directive includes a trailing slash. This allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory. **Recommendations** For PHP version 4.4.0, consider removing the trailing slash from the open basedir directive to prevent unauthorized access to other directories.

**Name of the Vulnerable Software and Affected Versions** Heimdal versions 0.6.x through 0.6.5 Heimdal versions 0.7.x through 0.7.1 libasn1-6-heimdal (affected versions not specified) libkadm5srv7-heimdal (affected versions not specified) libhdb7-heimdal (affected versions not specified) libkadm5clnt4-heimdal (affected versions not specified) libkafs0-heimdal (affected versions not specified) libkrb5-17-heimdal (affected versions not specified) libgssapi1-heimdal (affected versions not specified) **Description** The issue involves multiple vulnerabilities in the Heimdal package and its related libraries in the Debian GNU/Linux operating system. These vulnerabilities can lead to a disruption of protected information and can be exploited remotely. The exploitation may cause a denial of service, such as a server crash, via unknown vectors that trigger a null dereference. **Recommendations** For Heimdal versions 0.6.x through 0.6.5, update to version 0.6.6 or later. For Heimdal versions 0.7.x through 0.7.1, update to version 0.7.2 or later. For libasn1-6-heimdal, libkadm5srv7-heimdal, libhdb7-heimdal, libkadm5clnt4-heimdal, libkafs0-heimdal, libkrb5-17-heimdal, and libgssapi1-heimdal, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** openSUSE (affected versions not specified) LibVNCServer versions prior to 0.8.2 x11vnc versions prior to 0.8.1 **Description** The issue involves multiple vulnerabilities in various packages of the openSUSE operating system, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Additionally, there are vulnerabilities in LibVNCServer and x11vnc, which can also be exploited remotely. **Recommendations** For openSUSE, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For LibVNCServer, update to version 0.8.2 or later. For x11vnc, update to version 0.8.1 or later.