Pavel Polischouk found a boundary error in the PartsBatch class in the Pan newsreader when processing .nzb files, which could allow remote attackers to cause a denial of serice or possibly execute arbitrary code via a crafted .nzb file . The updated packages have been patched to prevent this issue.