Simon Tatham · PuTTY · CVE-2013-4206
**Name of the Vulnerable Software and Affected Versions**
PuTTY versions prior to 0.63
**Description**
A heap-based buffer underflow exists in the modmul function in sshbn.c. A remote SSH server can trigger it by sending a crafted DSA signature, which is improperly handled during certain bit-shifting operations in modular multiplication. This can cause a denial of service (crash) and potentially lead to memory corruption or code execution.
**Recommendations**
For versions prior to 0.63, update to version 0.63 or later to resolve the issue.