Damyan Ivanov

**Name of the Vulnerable Software and Affected Versions** XML-DT versions prior to 0.64 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on a /tmp/ xml ##### temporary file. This is possible due to vulnerabilities in the `mkxmltype` and `mkdtskel` scripts. **Recommendations** For versions prior to 0.64, update to version 0.64 or later to resolve the issue. As a temporary workaround, consider restricting access to the `mkxmltype` and `mkdtskel` scripts until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firebird Database versions 1.0 through 1.5 **Description** A buffer overflow issue in the ibserver component allows remote attackers to cause a denial of service by crashing the system with a long database name. This can be demonstrated using the gsec command. **Recommendations** For Firebird Database versions 1.0 through 1.5, update to version 1.5 or later to resolve the issue.