Nishant Das Patnaik

**Name of the Vulnerable Software and Affected Versions** Impact PDF Reader versions 1.2 through 2.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in a server crash, by sending a POST request with a body containing "...". **Recommendations** For versions 1.2 through 2.0, update to a version that fixes this issue to prevent denial of service attacks.

**Name of the Vulnerable Software and Affected Versions** Safari on Apple iPhone OS version 3.1.3 **Description** The issue allows remote attackers to cause a denial of service, potentially leading to an application crash, or possibly execute arbitrary code. This is achieved through various vectors, including an array of long strings, an array of IMG elements with crafted strings in their `SRC` attributes, a `TBODY` element with no associated `TABLE` element, and certain calls to the `delete` operator and the `cloneNode`, `clearAttributes`, and `CollectGarbage` methods. **Recommendations** For Safari on Apple iPhone OS version 3.1.3, consider updating to a newer version to mitigate the risk of exploitation, as no specific fix is provided for this version. As a temporary workaround, restrict access to potentially vulnerable web pages to minimize the risk of denial of service or code execution.

**Name of the Vulnerable Software and Affected Versions** Safari on Apple iPhone OS version 3.1.3 for iPod touch **Description** The issue allows remote attackers to cause a denial of service, potentially leading to an application crash, or possibly execute arbitrary code. This is achieved by including a large integer in the `numcolors` attribute of a `recolorinfo` element in a VML file. **Recommendations** For Safari on Apple iPhone OS version 3.1.3 for iPod touch, consider avoiding the use of VML files with large integers in the `numcolors` attribute of a `recolorinfo` element until a fix is available. As a temporary workaround, restrict access to potentially malicious VML files to minimize the risk of exploitation.