Tal Zeltzer

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version **Description** The issue is related to an integer underflow in the Windows Shell, specifically in the Briefcase feature. This allows a local user to gain privileges via a crafted briefcase. A remote code execution vulnerability also exists in the Briefcase feature, where an attacker could exploit the vulnerability by convincing a user to open a specially crafted briefcase, potentially executing arbitrary code in the security context of the current user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version **Description** The issue is related to an integer overflow in the Windows Shell, specifically in the Briefcase feature. This allows a local user to gain privileges via a crafted briefcase. A remote code execution vulnerability also exists, where an attacker could exploit the issue by convincing a user to open a specially crafted Windows Briefcase, potentially executing arbitrary code in the security context of the current user. **Recommendations** For Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Symantec pcAnywhere versions 12.5.x through 12.5.3 Symantec IT Management Suite pcAnywhere Solution version 7.0 (aka 12.5.x) Symantec IT Management Suite pcAnywhere Solution version 7.1 (aka 12.6.x) **Description** The issue is related to the host-services component, which does not properly filter login and authentication data. This allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631, specifically the API endpoint on port 5631. **Recommendations** For Symantec pcAnywhere versions 12.5.x through 12.5.3, consider restricting access to the host-services component until a patch is available. For Symantec IT Management Suite pcAnywhere Solution version 7.0 (aka 12.5.x), restrict access to the host-services component to minimize the risk of exploitation. For Symantec IT Management Suite pcAnywhere Solution version 7.1 (aka 12.6.x), avoid using the vulnerable host-services component in the API endpoint on port 5631 until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Trillian versions 3.0 **Description** The issue is caused by a buffer overflow that occurs when a crafted PNG image file is processed, allowing remote attackers to execute arbitrary code. Additionally, a remote denial of service can be triggered when a malicious PNG image is sent via the MSN protocol, resulting in loss of availability for the service. **Recommendations** For Trillian version 3.0, update to a newer version that contains a fix for this issue to prevent remote code execution and denial of service attacks.