Praveen Darshanam

**Name of the Vulnerable Software and Affected Versions** MICROSYS PROMOTIC versions prior to 8.3.11 **Description** A heap-based buffer overflow issue allows remote authenticated users to cause a denial of service via a malformed HTML document. **Recommendations** For versions prior to 8.3.11, update to version 8.3.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Advantech WebAccess versions prior to 8.0.1 **Description** The issue is caused by multiple stack-based buffer overflows in unspecified DLL files. This allows a remote attacker to execute arbitrary code via unknown vectors. **Recommendations** For Advantech WebAccess versions prior to 8.0.1, update to version 8.0.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Ecava IntegraXor SCADA Server versions prior to 4.2.4488 **Description** The issue allows local users to gain privileges via a renamed DLL in the default install directory due to an untrusted search path vulnerability. **Recommendations** For versions prior to 4.2.4488, update to version 4.2.4488 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WebGate Embedded Standard Protocol (WESP) SDK versions (affected versions not specified) **Description** The issue concerns multiple buffer overflows in the WESP SDK, allowing remote attackers to execute arbitrary code. This can be achieved through various vectors, including the `LoadImage` or `LoadImageEx` function in the `WESPMonitor.WESPMonitorCtrl.1` control, the `ChangePassword` function in the `WESPCONFIGLib.UserItem` control, the `Connect` function in the `WESPSerialPort.WESPSerialPortCtrl.1` or `WESPPLAYBACKLib.WESPPlaybackCtrl` control, the `AddID` function in the `WESPCONFIGLib.IDList` control, or by passing a long string to the second argument to the `ConnectEx3` function in the `WESPPLAYBACKLib.WESPPlaybackCtrl` control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebGate WinRDS (affected versions not specified) **Description** The issue is a stack-based buffer overflow in the WESPPlayback.WESPPlaybackCtrl.1 control, allowing remote attackers to execute arbitrary code. This can be achieved via unspecified vectors to the (1) PrintSiteImage, (2) PlaySiteAllChannel, (3) StopSiteAllChannel, or (4) SaveSiteImage function. **Recommendations** As a temporary workaround, consider disabling the `PrintSiteImage()`, `PlaySiteAllChannel()`, `StopSiteAllChannel()`, and `SaveSiteImage()` functions until a patch is available. Restrict access to the WESPPlayback.WESPPlaybackCtrl.1 control to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung iPOLiS Device Manager version 1.12.2 **Description** The issue is related to a buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control. This allows remote attackers to execute arbitrary code via a long string in the first argument to the (1) ReadConfigValue or (2) WriteConfigValue function. **Recommendations** For Samsung iPOLiS Device Manager version 1.12.2, as a temporary workaround, consider disabling the `ReadConfigValue` and `WriteConfigValue` functions until a patch is available. Restrict access to the XnsSdkDeviceIpInstaller.ocx ActiveX control to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Outlook Web Access (OWA) version 8.2.254.0 **Description** The issue is related to the handling of the `id` parameter in a Folder IPF.Note action to the default URI. This might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value. The estimated number of potentially affected devices worldwide is not available. **Recommendations** For Microsoft Outlook Web Access (OWA) version 8.2.254.0, consider avoiding the use of the `id` parameter in the Folder IPF.Note action until a fix is available. As a temporary workaround, restrict access to the default URI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Squid versions 2.7 through 2.7.STABLE5 Squid versions 3.0 through 3.0.STABLE12 Squid versions 3.1 through 3.1.0.4 **Description** The issue allows remote attackers to cause a denial of service via an HTTP request with an invalid version number. This triggers a reachable assertion in files such as HttpMsg.c and HttpStatusLine.c. **Recommendations** For Squid versions 2.7 through 2.7.STABLE5, update to a version outside of this range to resolve the issue. For Squid versions 3.0 through 3.0.STABLE12, update to a version outside of this range to resolve the issue. For Squid versions 3.1 through 3.1.0.4, update to a version outside of this range to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Free Download Manager versions 2.5 Build 758 through 3.0 Build 844 **Description** The issue is a stack-based buffer overflow in the Remote Control Server of Free Download Manager, allowing remote attackers to execute arbitrary code via a long `Authorization` header in an HTTP request to the "/api/v1/login" API endpoint, by exploiting the `username` and `password` variables. **Recommendations** For Free Download Manager versions 2.5 Build 758 through 3.0 Build 844, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Communicator (affected versions not specified) Microsoft Office 2010 beta (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service, resulting in memory consumption, via a large number of SIP INVITE requests. This triggers the creation of many sessions. **Recommendations** For Microsoft Communicator, consider restricting the number of incoming SIP INVITE requests to prevent excessive session creation until a fix is available. For Microsoft Office 2010 beta, restrict access to the Communicator component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** yaws versions prior to 1.80 yaws-chat (affected versions not specified) yaws-wiki (affected versions not specified) yaws-yapp (affected versions not specified) yaws-mail (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the yaws package of the Debian GNU/Linux operating system, which can lead to a disruption of protected information. These vulnerabilities can be exploited remotely. According to the information, a request with a large number of headers can cause a denial of service, resulting in memory consumption and a crash. **Recommendations** For yaws versions prior to 1.80, update to version 1.80 or later to resolve the issue. For yaws-chat, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For yaws-wiki, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For yaws-yapp, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For yaws-mail, at the moment, there is no information about a newer version that contains a fix for this vulnerability.