Peter Karlsson

**Name of the Vulnerable Software and Affected Versions** Turquoise SuperStat (turqstat) versions 2.2.4 and earlier **Description** The issue is related to a buffer overflow in the utility.cpp file of Turquoise SuperStat, which could potentially allow remote NNTP servers to execute arbitrary code by sending a date with a long month. Additionally, there are multiple vulnerabilities in the xturqstat package that can lead to breaches of confidentiality, integrity, and availability of protected information, and these can be exploited remotely. **Recommendations** For versions 2.2.4 and earlier, update to a version that fixes the buffer overflow issue in utility.cpp. At the moment, there is no information about a newer version that contains a fix for this vulnerability.