Koshi

Name of the Vulnerable Software and Affected Versions: Getleft version 1.2 Description: The issue is related to multiple buffer overflows in Getleft.exe, which can be triggered by remote attackers. This can cause a denial of service (crash) and potentially allow the execution of arbitrary code. The overflows can occur through various means, including a long "a" HTML tag, long src attributes in `embed`, `img`, or `script` tags, a long background attribute in a `body` tag, and other unspecified tags. Recommendations: For Getleft version 1.2, consider updating to a newer version that addresses these buffer overflows, as using a version with these issues can pose a significant risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** eXeScope version 6.50 **Description** A buffer overflow issue allows user-assisted remote attackers to execute arbitrary code via a crafted executable (.exe) file. **Recommendations** For eXeScope version 6.50, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Acoustica Beatcraft version 1.02 Build 19 **Description** The issue is a stack-based buffer overflow that can be triggered by a user-assisted attack. This occurs when a Beatcraft Project file contains a long string in a certain instrument's title field. As a result, an attacker could cause a denial of service or potentially execute arbitrary code. **Recommendations** For Acoustica Beatcraft version 1.02 Build 19, consider avoiding the use of long strings in instrument title fields within Beatcraft Project files until a fix is available. As a temporary workaround, restrict the length of strings in these fields to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** Msmask32.ocx version 6.0.81.69 Msmask32.ocx versions prior to 6.0.84.18 **Description** The issue is related to a heap-based buffer overflow in the MaskedEdit ActiveX control. This can be exploited by remote attackers to execute arbitrary code via a long `Mask` parameter, due to the lack of boundary checks when validating property values. The issue has been exploited in the wild. **Recommendations** For Msmask32.ocx version 6.0.81.69, update to version 6.0.84.18 or later. For Msmask32.ocx versions prior to 6.0.84.18, update to version 6.0.84.18 or later.