Hunger

**Name of the Vulnerable Software and Affected Versions** Chuggnutt HTML to Text Converter (affected versions not specified) PHPMailer versions prior to 5.2.10 RoundCube Webmail versions 0.2-1.alpha through 0.2-3.beta Mahara (affected versions not specified) AtMail Open version 1.03 **Description** The issue allows remote attackers to execute arbitrary code via crafted input that is processed by the `preg replace` function with the `eval` switch. This is a result of a problem in the `html2text.php` file. **Recommendations** For PHPMailer versions prior to 5.2.10, update to version 5.2.10 or later. For RoundCube Webmail versions 0.2-1.alpha through 0.2-3.beta, consider upgrading to a version outside of this range. For Mahara, At the moment, there is no information about a newer version that contains a fix for this vulnerability. For AtMail Open version 1.03, consider upgrading to a version outside of this range. As a temporary workaround, consider disabling the use of the `preg replace` function with the `eval` switch until a patch is available.

**Name of the Vulnerable Software and Affected Versions** OpenBSD version 4.2 **Description** The issue allows local users to cause a denial of service, resulting in a kernel panic. This occurs when the SIOCGIFRTLABEL IOCTL is called on an interface without a route label, leading to a NULL pointer dereference. The problem arises because the return value from the `rtlabel id2name` function is not properly checked. **Recommendations** For OpenBSD version 4.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.