Carter-Yagemann

**Name of the Vulnerable Software and Affected Versions** GCLib version 0.12.7 **Description** An out-of-bounds access in `GffLine::GffLine` in `gff.cpp` allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file. **Recommendations** For GCLib version 0.12.7, consider avoiding the use of crafted GFF files until a patch is available. As a temporary workaround, restrict the processing of GFF files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DMitry version 1.3a **Description** A stack-based buffer overflow might allow remote WHOIS servers to execute arbitrary code via a long line in a response that is mishandled by the `nic format buff` function. **Recommendations** For DMitry version 1.3a, consider updating to a newer version that addresses this issue, as using a long line in a response from remote WHOIS servers could lead to arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDFResurrect versions 0.12 through 0.19 **Description** The issue arises from an out-of-bounds write in the get type function within pdf.c, which can be triggered by a crafted PDF document. **Recommendations** For PDFResurrect versions 0.12 through 0.19, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.