Jonathan Smith

**Name of the Vulnerable Software and Affected Versions** Drupal Web Links module versions 6.x-2.x through 6.x-2.5 Drupal Web Links module versions 7.x-1.x through 7.x-1.0 **Description** A cross-site scripting (XSS) issue exists, allowing remote authenticated users with specific permissions to inject arbitrary web script or HTML. **Recommendations** For Drupal Web Links module versions 6.x-2.x through 6.x-2.5, update to version 6.x-2.6 or later. For Drupal Web Links module versions 7.x-1.x through 7.x-1.0, update to version 7.x-1.0 or later.

Name of the Vulnerable Software and Affected Versions: mtr versions prior to 0.73 Description: A stack-based buffer overflow issue exists in the split redraw function when invoked with the -p option, allowing remote attackers to execute arbitrary code via a crafted DNS PTR record. Recommendations: For versions prior to 0.73, update to version 0.73 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the -p option until the issue is resolved.