Alexander Sotirov

**Name of the Vulnerable Software and Affected Versions** VMware ESXi versions 3.5 VMware ESX versions 3.5 **Description** The issue is related to a buffer overflow in the openwsman management service. This allows remote authenticated users to gain privileges via an invalid Content-Length. **Recommendations** For VMware ESXi version 3.5, update to a version that includes a fix for this issue. For VMware ESX version 3.5, update to a version that includes a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server versions 2000 SP3 through 2007 **Description** The issue is related to the handling of Internet Calendar (iCal) files, specifically when these files contain multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties. If the second MODPROPS is longer than the first, it can trigger a NULL pointer dereference and an unhandled exception, leading to a denial of service (crash). This can be exploited by sending an e-mail message with a specially crafted iCal file to a Microsoft Exchange Server user account, causing the mail service to stop responding. **Recommendations** For Microsoft Exchange Server versions 2000 SP3 through 2007, consider restricting access to calendar content requests until a fix is available. As a temporary workaround, avoid using the `X-MICROSOFT-CDO-MODPROPS` properties in iCal files to minimize the risk of exploitation.