Snake

**Name of the Vulnerable Software and Affected Versions** Microsoft Office versions XP SP3 through 2010 Microsoft Office for Mac versions 2004 through 2011 Open XML File Format Converter for Mac version (affected versions not specified) **Description** A remote code execution issue exists due to a stack-based buffer overflow when parsing specially crafted Rich Text Format (RTF) data. This could allow an attacker to execute arbitrary code and potentially take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights. **Recommendations** For Microsoft Office versions XP SP3 through 2010, update to a version that is not affected by this issue. For Microsoft Office for Mac versions 2004 through 2011, update to a version that is not affected by this issue. For Open XML File Format Converter for Mac, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** R. Corson PHP Forge versions 3 beta 2 and earlier **Description** The issue allows remote attackers to execute arbitrary PHP code via a URL in the `cfg racine` parameter in the inc/gabarits.php file. **Recommendations** For versions 3 beta 2 and earlier, consider restricting access to the `cfg racine` parameter in the inc/gabarits.php file to minimize the risk of exploitation.