Bruhns

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 14.0.835.163 **Description** The issue is related to incorrect permissions used by Google Chrome for non-gallery pages. The impact and attack vectors of this issue are not specified. **Recommendations** For versions prior to 14.0.835.163, update to version 14.0.835.163 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ESet NOD32 version 2.70.0039.0000 **Description** The issue is related to the handling of certain e-mail messages. Specifically, it does not properly handle multipart/mixed e-mail messages with many MIME parts and possibly e-mail messages with many "Content-type: message/rfc822;" headers. This can be exploited by remote attackers to cause a denial of service through stack consumption or other resource consumption by sending a large e-mail message. **Recommendations** For ESet NOD32 version 2.70.0039.0000, consider updating to a newer version that addresses this issue, as the current version does not properly handle specific types of e-mail messages, leading to potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Norton Internet Security version 15.5.0.23 **Description** The issue is related to how Norton Antivirus handles certain email messages. Specifically, it does not properly handle multipart/mixed email messages with many MIME parts and possibly email messages with many "Content-type: message/rfc822;" headers. This can be exploited by remote attackers to cause a denial of service through stack consumption or other resource consumption by sending a large email message. **Recommendations** For Norton Internet Security version 15.5.0.23, update to a newer version that addresses this issue to prevent potential denial of service attacks.

**Name of the Vulnerable Software and Affected Versions** Opera version 9.51 **Description** The issue is related to the handling of certain e-mail messages. Specifically, it involves (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers. This can be exploited by remote attackers to cause a denial of service, potentially leading to stack consumption or other resource consumption, via a large e-mail message. **Recommendations** For Opera version 9.51, consider avoiding the use of the affected e-mail handling functionality until a patch is available. As a temporary workaround, restrict the processing of multipart/mixed e-mail messages with many MIME parts and e-mail messages with many "Content-type: message/rfc822;" headers to minimize the risk of exploitation.