Chibataiki

**Name of the Vulnerable Software and Affected Versions** htmodoc version 1.9.12 **Description** A flaw was discovered in the `parse paragraph` function in `ps-pdf.cxx`, which possibly allows code execution and a denial of service via a crafted file. **Recommendations** For version 1.9.12, consider restricting access to the `parse paragraph` function in `ps-pdf.cxx` to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** htmodoc version 1.9.12 **Description** An Out of Bounds flaw was discovered in the `parse tree()` function in `toc.cxx`, which possibly leads to memory layout information leaking in the data. This might be used in a chain of issues to reach code execution. **Recommendations** For version 1.9.12, consider restricting access to the `parse tree()` function in `toc.cxx` until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** totolink EX300 v2 version 4.0.3c.140 B20210429 **Description** A reflected cross-site scripting (XSS) issue was found in the /home.asp component. **Recommendations** For version 4.0.3c.140 B20210429, as a temporary workaround, consider restricting access to the /home.asp component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ffjpeg (affected versions not specified) **Description** The issue is related to a NULL pointer dereference in the `bitstr tell` function at `bitstr.c` in `ffjpeg` commit `4ab404e`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** abcm2ps version 8.14.11 **Description** The issue is related to an out-of-bounds read in the `write title()` function in subs.c, which allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. **Recommendations** For abcm2ps version 8.14.11, consider disabling the `write title()` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** abcm2ps version 8.14.11 **Description** The issue is related to an out-of-bounds read in the `calculate beam` function located at draw.c. **Recommendations** For abcm2ps version 8.14.11, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** abcm2ps version 8.14.11 **Description** The issue is a stack-based buffer overflow in the `get key` function in `parse.c`, allowing remote attackers to cause a Denial of Service (DoS) via unspecified vectors. **Recommendations** For abcm2ps version 8.14.11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PDFResurrect version 0.22b Description: A flaw was found in PDFResurrect, where an infinite loop can occur in the `get xref linear skipped()` function in `pdf.c` when processing a crafted PDF file. Recommendations: For PDFResurrect version 0.22b, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HTMLDOC version 1.9.12 **Description** The issue is related to a heap buffer overflow in the `render table row()` function, located in the `ps-pdf.cxx` component of the HTMLDOC tool. This overflow can lead to arbitrary code execution and denial of service, allowing an attacker to access confidential data, compromise its integrity, and disrupt service. **Recommendations** For HTMLDOC version 1.9.12, consider disabling the `render table row()` function in `ps-pdf.cxx` as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** htmldoc version 1.9.12 **Description** A flaw in htmldoc may result in a write-what-where condition, allowing an attacker to execute arbitrary code and cause denial of service. The issue is related to a double-free in the `pspdf export()` function, located in the `ps-pdf.cxx` component. This could enable a remote attacker to access confidential data, compromise its integrity, and disrupt service. **Recommendations** For htmldoc version 1.9.12, consider disabling the `pspdf export()` function in `ps-pdf.cxx` as a temporary workaround until a patch is available. Restrict access to the `ps-pdf.cxx` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** htmldoc versions prior to 1.9.12 **Description** A flaw was found in the htmldoc tool, specifically a heap buffer overflow in the `pspdf prepare outpages()` function, located in `ps-pdf.cxx`. This issue may lead to the execution of arbitrary code and denial of service. The vulnerability can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For versions prior to 1.9.12, update to version 1.9.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the `pspdf prepare outpages()` function in `ps-pdf.cxx` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** htmldoc versions 1.9.12 and earlier **Description** The issue is related to a null pointer dereference in the `file extension()` function, located in the `file.c` component of the htmldoc tool. This can lead to arbitrary code execution and denial of service, allowing an attacker to access confidential data, compromise its integrity, and disrupt service. **Recommendations** For versions 1.9.12 and earlier, update to a version that fixes the null pointer dereference issue in the `file extension()` function. As a temporary workaround, consider restricting access to the `file extension()` function in the `file.c` component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** htmldoc versions 1.9.12 and earlier **Description** A security issue is found in the image load jpeg() function of the image.cxx component, related to NULL pointer dereference errors. This issue may allow an attacker to access confidential data, compromise data integrity, and cause a denial of service. **Recommendations** For htmldoc versions 1.9.12 and earlier, consider disabling the image load jpeg() function as a temporary workaround until a patch is available. Restrict access to the image.cxx component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** htmldoc versions 1.9.12 and prior **Description** The issue is related to a stack buffer overflow in the `parse table()` function of the `ps-pdf.cxx` component. This can lead to arbitrary code execution and denial of service, allowing an attacker to access confidential data, compromise its integrity, and disrupt service. **Recommendations** For versions 1.9.12 and prior, update to a version that fixes the stack buffer overflow in the `parse table()` function. As a temporary workaround, consider restricting access to the `parse table()` function in `ps-pdf.cxx` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** htmldoc versions 1.9.11 and earlier **Description** The issue is related to a null pointer dereference error, which may allow attackers to execute arbitrary code and cause a denial of service via a crafted HTML file. This could potentially lead to unauthorized access to confidential data, disruption of data integrity, and service disruption. **Recommendations** For htmldoc versions 1.9.11 and earlier, update to a version later than 1.9.11 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** An assertion abort was found in the `MemBuffer::alloc()` function in `mem.cpp`, allowing attackers to cause a denial of service (abort) via a crafted file. **Recommendations** For UPX version 4.0.0, consider avoiding the use of crafted files that may trigger the assertion abort in `MemBuffer::alloc()` until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** UPX version 4.0.0 **Description** A null pointer dereference was found in the `PackLinuxElf::canUnpack()` function in `p lx elf.cpp`, which can allow attackers to execute arbitrary code and cause a denial of service via a crafted file. This issue may also enable remote attackers to access confidential data, compromise its integrity, and disrupt service. **Recommendations** For UPX version 4.0.0, consider disabling the `PackLinuxElf::canUnpack()` function until a patch is available to prevent potential exploitation. Restrict access to crafted files that could trigger the null pointer dereference to minimize the risk of denial of service or arbitrary code execution.