Intel

**Name of the Vulnerable Software and Affected Versions** Software (affected versions not specified) **Description** The issue arises when the installation directory lacks sufficiently restrictive file permissions, allowing an attacker to modify files and execute malicious code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue arises when the directory containing the installer lacks sufficiently restrictive file permissions, allowing an attacker to modify or replace the installer and execute malicious code. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue concerns an installer that loads or executes files using an unconstrained search path, making it potentially vulnerable to attacks where an attacker's files are loaded or executed instead of the intended files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PowerTCP FTP for ActiveX version 2.0.2 **Description** A buffer overflow issue exists in the ActiveX control (DartFtp.dll) due to a long `SecretKey` property, allowing remote attackers to execute arbitrary code. **Recommendations** For PowerTCP FTP for ActiveX version 2.0.2, consider updating to a newer version that addresses this issue, as using a long `SecretKey` property can lead to arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VCDGear versions 3.55 through 3.56 BETA **Description** A stack-based buffer overflow issue allows user-assisted remote attackers to execute arbitrary code via a long FILE argument in a CUE file. **Recommendations** For VCDGear versions 3.55 through 3.56 BETA, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: BolinTech Dream FTP Server version 1.02 Description: The issue allows remote authenticated users, including anonymous users, to cause a denial of service, resulting in an application crash. This can be achieved by sending a certain invalid PORT command. Recommendations: For BolinTech Dream FTP Server version 1.02, consider restricting access to the FTP server until a patch is available, and avoid using the invalid PORT command to prevent the application crash.