Nelson A. De Oliveira

#19062 of 53,633
Total CVSS: 14
Vulnerabilities: 2 (Medium: 1, High: 1)

PT-2017-14645 · CVSS 7.8 · 2017-11-24 · Optipng · Optipng · CVE-2017-16938

**Name of the Vulnerable Software and Affected Versions** OptiPNG version 0.7.6

**Description** A global buffer overflow allows remote attackers to cause a denial of service or other unspecified impact with a maliciously crafted GIF format file, related to an uncontrolled loop in the `LZWReadByte` function of the `gifread.c` file.

**Recommendations** For OptiPNG version 0.7.6, consider restricting the use of the `LZWReadByte` function in the `gifread.c` file until a patch is available. Avoid processing maliciously crafted GIF format files to minimize the risk of exploitation.

PT-2017-5062 · CVSS 6.2 · 2017-10-18 · Gnu · Glibc · CVE-2011-5320

**Name of the Vulnerable Software and Affected Versions** glibc versions prior to 2.15

**Description** The issue allows local users to cause a denial of service, resulting in a segmentation fault, by providing a large string of 0s to `scanf` and related functions in glibc.

**Recommendations** For versions prior to 2.15, consider restricting the input to `scanf` and related functions to prevent the denial of service. As a temporary workaround, limit the length of input strings to prevent the segmentation fault until a patch is available.