Nick Freeman

**Name of the Vulnerable Software and Affected Versions** Microsoft Hyper-V (affected versions not specified) **Description** The issue is caused by insufficient input validation in the network switch of Microsoft Hyper-V operating systems for Windows. It may allow an attacker to cause a denial-of-service of the host operating system from a guest operating system using a specially crafted application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows 7 Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows 8.1 Windows RT 8.1 Windows 10 Windows 10 Servers **Description** A denial of service issue exists due to improper handling of DNS responses. This affects the Windows Domain Name System (DNS) DNSAPI.dll. **Recommendations** For Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows 8.1, Windows RT 8.1, Windows 10, Windows 10 Servers, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions 8.1, 10 (Gold, 1511, 1607, 1703), Windows Server 2012 R2, Windows Server 2016, and Windows RT 8.1 **Description** The issue is related to a remote code execution vulnerability in the Microsoft Windows Domain Name System (DNS) DNSAPI.dll. It occurs when the system fails to properly handle DNS responses. This can be exploited by a remote attacker using specially crafted DNS responses, potentially allowing them to execute arbitrary code or cause a denial of service. The estimated number of potentially affected devices and details about real-world incidents are not provided. **Recommendations** For Microsoft Windows versions 8.1, 10 (Gold, 1511, 1607, 1703), Windows Server 2012 R2, Windows Server 2016, and Windows RT 8.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** vTiger CRM versions 5.0.0 through 5.4.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands via several parameters, including the `picklist name` parameter in the "get picklists" method to "soap/customerportal.php", the `where` parameter in the "get tickets list" method to "soap/customerportal.php", or the `emailaddress` parameter in the "SearchContactsByEmail" method to "soap/vtigerolservice.php". Additionally, remote authenticated users can execute arbitrary SQL commands via the `emailaddress` parameter in the "SearchContactsByEmail" method to "soap/thunderbirdplugin.php". **Recommendations** For versions 5.0.0 through 5.4.0, consider disabling the `get picklists` and `get tickets list` methods in "soap/customerportal.php" and the `SearchContactsByEmail` method in "soap/vtigerolservice.php" and "soap/thunderbirdplugin.php" until a patch is available. Restrict access to these methods to minimize the risk of exploitation. Avoid using the `picklist name`, `where`, and `emailaddress` parameters in the affected API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Avid Media Composer versions 5.5.3 and earlier **Description** The issue is related to a stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) that allows remote attackers to execute arbitrary code. This can be achieved by sending a long request to TCP port 4659. **Recommendations** For versions 5.5.3 and earlier, consider restricting access to TCP port 4659 to minimize the risk of exploitation. As a temporary workaround, disabling the AvidPhoneticIndexer.exe service may help prevent attacks until a fix is available.

**Name of the Vulnerable Software and Affected Versions** Final Draft version 8.0 through 8.01 **Description** The issue is related to multiple stack-based buffer overflows that can be triggered by remote attackers via a .fdx or .fdxt file containing long elements, including `Word`, `Transition`, `Location`, `Extension`, `SceneIntro`, `TimeOfDay`, and `Character`. This can lead to the execution of arbitrary code. **Recommendations** For Final Draft version 8.0 through 8.01, update to version 8.02 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Virtual Vertex Muster versions prior to 6.20 **Description** The issue allows remote attackers to read arbitrary files by utilizing a directory traversal technique, specifically by including a .. (backslash dot dot) in the URL. **Recommendations** For versions prior to 6.20, update to version 6.20 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Yoono extension versions prior to 6.1.1 **Description** The issue allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as `onload`. This is due to the extension performing certain operations with chrome privileges. **Recommendations** For versions prior to 6.1.1, update to version 6.1.1 or later to resolve the issue. As a temporary workaround, consider disabling the Yoono extension until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Sage versions 1.4.3 and earlier **Description** The issue allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed, as the extension performs certain operations with chrome privileges. **Recommendations** For versions 1.4.3 and earlier, update to a version that does not perform operations with elevated privileges to mitigate the risk of arbitrary command execution and cross-domain scripting attacks.