Atmaca

**Name of the Vulnerable Software and Affected Versions** Apple QuickTime versions prior to 7.1 **Description** The issue is related to a heap-based buffer overflow that can be triggered by a specially crafted H.264 (M4V) video format file with a modified size value, allowing remote attackers to execute arbitrary code. **Recommendations** For versions prior to 7.1, update to version 7.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Nullsoft Winamp version 5.12 **Description** A buffer overflow issue allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name in the `File1` field. **Recommendations** For Nullsoft Winamp version 5.12, consider avoiding the use of playlist files with long file names in the `File1` field until a patch is available. As a temporary workaround, restrict the processing of such files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Mirabilis ICQ version 2003a **Description** The issue allows attackers to execute arbitrary code by convincing a user to enter long strings into the `First Name` and `Last Name` fields, resulting in a buffer overflow. **Recommendations** For Mirabilis ICQ version 2003a, as a temporary workaround, consider restricting the input length for the `First Name` and `Last Name` fields to prevent buffer overflow until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WinAce versions 2.6.0.5 and earlier **Description** A buffer overflow issue allows remote attackers to execute arbitrary code via a temporary (.tmp) file that contains an entry with a long file name. **Recommendations** For versions 2.6.0.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** OllyDbg versions 1.10 and earlier **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved via a dynamic link library (DLL) with a long filename. **Recommendations** For OllyDbg versions 1.10 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.