This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple iTunes.

The specific flaw exists in the URL handlers associated with iTunes.

When processing URLs via the protocol handlers ITMS, ITMSS, DAAP, PCAST, and ITPC an exploitable stack overflow occurs.

This module exploits a stack corruption in the DirectShow Quicktime Movie parser in quartz.dll of Microsoft DirectX.

WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a stack overflow in library DCCFAXVW.DLL of Symantec WinFax Pro. When passing an overly long string to the AppendFax() method, arbitrary code may be executed.

This vulnerability arises from the way MPLAB IDE processes IDE Project files with extension of .mcp. It could lead to a critical buffer overflow error that allows hackers to execute malicious code on users systems.

A design error has been discovered in GNOME's gEdit, which can be exploited by sending a malicious file to vulnerable victims.

This module exploits a stack overflow on "pp7x32.dll" when it parses an inconsistent record length in sound data in a file that uses a PowerPoint 95 (PPT95) native file format.



This update adds support to Microsoft Office XP, support to Microsoft Windows 2000 and Microsoft Windows Vista.

Multiple ACDSee products are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks when processing a malformed TIF image.

SDP Downloader contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in SDP Downloader when handling crafted .ASX files.

BS Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error when handling crafted .BSL files.

A stack-based buffer overflow in eZip Wizard allows an attacker to execute arbitrary code via a crafted .ZIP file that contains a file with a long name.

This update makes a correction to a parameter name.