Nico

**Name of the Vulnerable Software and Affected Versions** Qualcomm WorldMail version 3.0 **Description** A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character. This can be achieved using various IMAP commands, including "LIST", "LSUB", "SEARCH TEXT", "STATUS INBOX", "AUTHENTICATE", "FETCH", "SELECT", and "COPY". **Recommendations** For Qualcomm WorldMail version 3.0, consider restricting the length of IMAP commands to prevent buffer overflow exploitation until a patch is available. As a temporary workaround, limit the use of IMAP commands that could be used to trigger the overflow, such as avoiding the use of long commands that end with a "}" character. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Netinfo Setup Tool (NeST) (affected versions not specified) **Description** A buffer overflow issue in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.