Donato Ferrante

Name of the Vulnerable Software and Affected Versions: Microsoft Windows (affected versions not specified) Description: An elevation of privilege issue exists due to improper handling of reparse points by Microsoft Windows. This could allow an attacker to overwrite or delete targeted files that normally require elevated permissions. To exploit this, an attacker must first log on to the system and then run a specially crafted application. The issue is addressed by correcting how Windows handles reparse points. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Store Installer (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows store installer, where the WindowsApps directory is vulnerable to a symbolic link attack. This vulnerability can be exploited by an attacker to elevate their privileges using a specially crafted application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RealPlayer versions 11.0 through 11.1 RealPlayer versions 14.0.0 through 14.0.5 RealPlayer SP versions 1.0 through 1.1.5 Mac RealPlayer version 12.0.0.1569 **Description** The issue allows remote attackers to execute arbitrary code via a crafted `raw data frame` field in an AAC file. This can lead to the execution of malicious code on the affected system. **Recommendations** For RealPlayer versions 11.0 through 11.1, update to a version outside of this range to resolve the issue. For RealPlayer versions 14.0.0 through 14.0.5, update to a version outside of this range to resolve the issue. For RealPlayer SP versions 1.0 through 1.1.5, update to a version outside of this range to resolve the issue. For Mac RealPlayer version 12.0.0.1569, update to a version newer than 12.0.0.1569 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Lionel Reyero DirectContact version 0.3b **Description** The issue allows remote attackers to read arbitrary files by using a .. (dot dot) in the URL, which enables directory traversal. **Recommendations** For version 0.3b, consider restricting access to sensitive files and directories until a patch is available. As a temporary workaround, avoid using URLs that contain the .. (dot dot) sequence to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Home Ftp Server version 1.0.7 **Description** The issue allows remote authenticated users to read arbitrary files via "C:" (Windows drive letter) sequences in commands such as LIST or RETR. **Recommendations** For Home Ftp Server version 1.0.7, consider restricting access to the LIST and RETR commands until a patch is available. As a temporary workaround, avoid using Windows drive letter sequences in commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Home Ftp Server version 1.0.7 **Description** The issue allows remote authenticated users to obtain sensitive information. This is possible because sensitive user and server information is stored in the same directory as the user's home directory. Specifically, users can access `ftpmembers.lst` and `ftpsettings.lst` to gain sensitive information. **Recommendations** For Home Ftp Server version 1.0.7, consider restricting access to the sensitive files `ftpmembers.lst` and `ftpsettings.lst` to prevent unauthorized users from obtaining sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WinFtp Server version 1.6.8 **Description** The issue is related to a buffer overflow in the Log-SCR function within the "Log to Screen" feature. This can be exploited by remote attackers who send a long request, potentially leading to a denial of service (application crash) and possibly allowing the execution of arbitrary code. **Recommendations** For WinFtp Server version 1.6.8, consider disabling the "Log to Screen" feature as a temporary workaround until a patch is available. Restrict access to the Log-SCR function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SimpleCam version 1.2 **Description** A directory traversal issue allows remote attackers to read arbitrary files by including a .. (dot dot backslash) in the URL. **Recommendations** For SimpleCam version 1.2, consider restricting access to sensitive files and directories until a patch is available. As a temporary workaround, avoid using URLs that contain the .. sequence to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Yawcam version 0.2.5 Description: A directory traversal issue allows remote attackers to read arbitrary files by using ".." (dot dot backslash) sequences in a GET request. Recommendations: For Yawcam version 0.2.5, consider restricting access to sensitive files and directories until a patch is available. As a temporary workaround, avoid using the vulnerable version for handling sensitive data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FastStone 4in1 Browser version 1.2 **Description** A directory traversal issue allows remote attackers to read arbitrary files. This can be achieved by including a `(1) ...` (triple dot) or `(2) ..` (dot dot backslash) in the URL. **Recommendations** For FastStone 4in1 Browser version 1.2, consider restricting access to sensitive files and directories until a patch is available. As a temporary workaround, avoid using the affected URL parsing functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LANChat Pro Revival version 1.666c **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash, by sending a malformed UDP packet. **Recommendations** For LANChat Pro Revival version 1.666c, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mephistoles httpd version 0.6.0 **Description** A cross-site scripting (XSS) issue allows remote attackers to execute arbitrary scripts as other users by injecting arbitrary HTML or script into the URL. This can lead to unauthorized actions being taken on behalf of other users. **Recommendations** For Mephistoles httpd version 0.6.0, update to a version that includes a fix for this issue, as using outdated software can pose significant security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BremsServer version 1.2.4 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the URL. This could potentially lead to unauthorized actions on the web application. **Recommendations** For BremsServer version 1.2.4, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tiny Server version 1.1 **Description** A directory traversal issue allows remote attackers to read or download arbitrary files by including a .. (dot dot) in the URL. **Recommendations** For Tiny Server version 1.1, consider restricting access to sensitive files and directories as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** wMCam server version 2.1.348 **Description** The issue allows remote attackers to cause a denial of service, preventing new connections, by sending multiple malformed HTTP requests without the GET command. **Recommendations** For wMCam server version 2.1.348, consider restricting access to the server or implementing traffic filtering to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ada Image Server (ImgSvr) version 0.4 **Description** The issue allows remote attackers to view directories or download files by sending an HTTP request with a trailing %00 (null). **Recommendations** For Ada Image Server (ImgSvr) version 0.4, consider restricting access to sensitive directories and files as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Free Web Chat version 2.0 **Description** The issue concerns the `addUser` function in `UserManager.java`, which can be exploited by remote attackers to cause a denial of service. This is achieved by causing the `usrName` variable to be null, although the specific attack vectors are not detailed. **Recommendations** For Free Web Chat version 2.0, consider adding a null check for the `usrName` variable in the `addUser` function to prevent the NullPointerException and subsequent denial of service.

**Name of the Vulnerable Software and Affected Versions** Free Web Chat version 2.0 **Description** The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by establishing multiple connections from the same user. **Recommendations** For Free Web Chat version 2.0, consider restricting the number of connections allowed from a single user as a temporary workaround to minimize the risk of CPU consumption-based denial of service attacks.

**Name of the Vulnerable Software and Affected Versions** PWebServer version 0.3.3 **Description** A directory traversal issue allows remote attackers to read arbitrary files by including a .. (dot dot) in the URL. **Recommendations** For PWebServer version 0.3.3, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SurfNOW version 2.2 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash, via a series of long HTTP GET requests. This could potentially trigger a buffer overflow. **Recommendations** For SurfNOW version 2.2, consider restricting access to prevent long HTTP GET requests until a patch is available. As a temporary workaround, limiting the length of incoming HTTP requests may help mitigate the risk of a denial of service.