C0Ntex

**Name of the Vulnerable Software and Affected Versions** Adobe Photoshop Album Starter Edition version 3.2 Adobe After Effects version CS3 **Description** A buffer overflow issue allows user-assisted remote attackers and physically proximate attackers to execute arbitrary code via a BMP file with an invalid image header. **Recommendations** For Adobe Photoshop Album Starter Edition version 3.2, update to a version that fixes the buffer overflow issue. For Adobe After Effects version CS3, consider disabling the handling of BMP files with invalid image headers until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mobile Safari on Apple iPhone versions 1.1.2 through 1.1.3 **Description** The issue allows remote attackers to cause a denial of service, resulting in memory exhaustion and device crash, via certain JavaScript code. This code constructs a long string and an array containing long string elements. **Recommendations** For Mobile Safari on Apple iPhone versions 1.1.2 and 1.1.3, consider disabling JavaScript execution in Mobile Safari as a temporary workaround until a patch is available. Restrict access to untrusted web content to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** VMWare version 5.5.1 **Description** A buffer overflow issue exists in an ActiveX control, allowing local users to execute arbitrary code. This is achieved by passing a long `VmdbDb` parameter to the `Initialize` function. **Recommendations** For VMWare version 5.5.1, consider restricting access to the vulnerable ActiveX control until a patch is available. As a temporary workaround, avoid using the `VmdbDb` parameter in the `Initialize` function to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Help winhlp32.exe (affected versions not specified) Description: A heap-based buffer overflow issue exists, allowing user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UnZip versions 5.50 and earlier **Description** The issue allows user-assisted attackers to execute arbitrary code via a long filename command line argument. However, since the overflow occurs in a non-setuid program, the risk is relatively low unless UnZip is passed long arguments when invoked from other programs. **Recommendations** For UnZip versions 5.50 and earlier, consider avoiding the use of long filename command line arguments until a fix is available. As a temporary workaround, restrict the length of filename arguments passed to UnZip to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** RealPlayer version 10 Real HelixPlayer (affected versions not specified) **Description** The issue allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file. **Recommendations** For RealPlayer version 10, update to a version that contains a fix for this issue. For Real HelixPlayer, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: eRoom versions 6.x Description: The issue allows remote attackers to execute arbitrary commands by attaching a .lnk file, due to improper restriction of files that can be attached. Recommendations: For version 6.x, consider restricting the types of files that can be attached to prevent exploitation until a proper fix is available.

Name of the Vulnerable Software and Affected Versions: eRoom (affected versions not specified) Description: The issue allows remote attackers to capture cookies and conduct replay attacks because eRoom does not set an expiration for Cookies. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.