Flur

Name of the Vulnerable Software and Affected Versions: Trillian versions 0.74 through 1.0 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, when a malformed `TypingUser` string is received in an instant message. This can lead to loss of availability for the service. Recommendations: For Trillian versions 0.74 through 1.0, as a temporary workaround, consider disabling the handling of `TypingUser` messages until a patch is available. Restrict access to instant messaging functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: PalmVNC versions 1.40 and earlier Description: The issue allows attackers to gain privileges by storing passwords in plaintext in the PalmVNCDB. This database is backed up to PCs that the Palm is synchronized with, potentially exposing the passwords. Recommendations: For versions 1.40 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.