Ting-Wei Hsieh

**Name of the Vulnerable Software and Affected Versions** U-Office Force (affected versions not specified) **Description** U-Office Force contains an Insecure Deserialization issue. This allows unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized content. The issue does not require authentication for exploitation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: BatchSignCS (affected versions not specified) Description: BatchSignCS, a background Windows application developed by WellChoose, has an Arbitrary File Write vulnerability. If a user visits a malicious website while the application is running, remote attackers can write arbitrary files to any path, potentially leading to arbitrary code execution. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.