Ulf Härnhammer

**Name of the Vulnerable Software and Affected Versions** unalz versions prior to 0.53 **Description** The issue allows remote attackers to execute arbitrary code via long file names in ALZ archives. This is due to a buffer overflow in the unalz software. **Recommendations** For versions prior to 0.53, update to version 0.53 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** XShisen versions prior to 1.36 **Description** A buffer overflow issue allows local users to execute arbitrary code via a long GECOS field. **Recommendations** For versions prior to 1.36, update to version 1.36 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** XShisen (affected versions not specified) **Description** The issue concerns multiple buffer overflows that allow attackers to execute arbitrary code. This can be achieved through either a long `-KCONV` command line option or the `XSHISENLIB` environment variable. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.