PROBLEM: (90902, SSRT0788U) (PATCH ID: OSF520CDE-005) ******** The dtprintinfo application may crash if the LANG environment variable has a value that is too long. This patch helps to fix this problem. PROBLEM: (90331) (PATCH ID: OSF520CDE-009) ******** A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of command line arguments. Compaq has corrected this potential vulnerability. PROBLEM: (89467, 89468, 90725, SSRT0753U, SSRT0752U) (PATCH ID: OSF520CDE-008) ******** A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of ENVIRONMENT variables and command line arguments. This patch also fixes a potential security vulnerability in CDE Subprocess Control Service(dtspcd). 'dtspcd' has a potential buffer overflow condition which may lead to unauthorized access. Compaq has corrected these potential vulnerability. PROBLEM: (89468, SSRT0752U) (PATCH ID: OSF520CDE-011) ******** A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of command line arguments. Compaq has corrected this potential vulnerability. PROBLEM: (88306) (PATCH ID: OSF520CDE-014) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Compaq has corrected this potential vulnerability. PROBLEM: (88299) (PATCH ID: OSF520CDE-019) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Compaq has corrected this potential vulnerability. PROBLEM: (94946, 94947, 94949, 94950) (PATCH ID: OSF520CDE-029) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.