Daniel Kazimirow

**Name of the Vulnerable Software and Affected Versions** Advantech AdamView versions 4.3 and earlier **Description** The issue allows remote attackers to execute arbitrary code via crafted parameters in a GNI file, specifically through display properties or conditional bitmap parameters. **Recommendations** For Advantech AdamView versions 4.3 and earlier, update to a version later than 4.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Artweaver versions prior to 3.1.6 **Description** The issue is related to a buffer overflow that can be triggered by a crafted AWD file, potentially allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. **Recommendations** For versions prior to 3.1.6, update to version 3.1.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Lattice Diamond Programmer version 1.4.2 **Description** The issue allows user-assisted remote attackers to cause a denial of service and execute arbitrary code via a long string in a version attribute of an `ispXCF` element in an `.xcf` file. **Recommendations** For Lattice Diamond Programmer version 1.4.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.