Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.