Andy Bowden

**Name of the Vulnerable Software and Affected Versions** B64dec version 1.1.2 **Description** A buffer overflow allows attackers to execute arbitrary code by overwriting the Structured Exception Handler (SEH), which is a mechanism for handling software exceptions, using crafted input. This can be achieved by employing an egg hunter technique—a small piece of code used to find a larger payload in memory—and a carefully constructed payload during the base64 decoding process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** StreamRipper32 version 2.6 **Description** A buffer overflow exists in the Station/Song section. This occurs when the `SongPattern` input is manipulated, allowing memory to be overwritten. An attacker can use a malicious payload exceeding 256 bytes to potentially execute arbitrary code and compromise the application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GoldWave version 5.70 **Description** A stack-based buffer overflow occurs when processing malicious input in the 'File Open URL' dialog. An attacker can use a specially crafted text file containing Unicode-encoded shellcode to execute arbitrary commands when the file is opened. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.