
Affix

#18599 of 53,622
14.4 Total CVSS
Vulnerabilities · 2 (Medium: 1, High: 1)
PT-2009-5566 · CVSS 7.5 · 2009-09-18
Rock Band · Rock Band CMS · CVE-2009-3252

**Name of the Vulnerable Software and Affected Versions**
Rock Band CMS version 0.10

**Description**
The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `year` and `id` parameters in the news.php file.

**Recommendations**
For Rock Band CMS version 0.10, consider restricting access to the news.php file until a patch is available, and avoid using the `year` and `id` parameters in this file to minimize the risk of exploitation.

PT-2009-4256 · CVSS 6.9 · 2009-05-26
IBM · Libc · CVE-2009-1786

**Name of the Vulnerable Software and Affected Versions**
IBM AIX versions 5.3 through 6.1

**Description**
The issue concerns the malloc subsystem in libc, which allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the `MALLOCDEBUG` environment variable.

**Recommendations**
For IBM AIX versions 5.3 through 6.1, consider restricting access to the `MALLOCDEBUG` environment variable to prevent exploitation. As a temporary workaround, avoid using the `MALLOCDEBUG` environment variable until a patch is available.