PuTTY:
2016-03-31

Many versions of PSCP prior to 0.67 have a stack corruption vulnerability in their treatment of the 'sink' direction (i.e. downloading from server to client) of the old-style SCP protocol.

CVE-2016-2563
putty-0.67.tgz

putty-gui-0.67.tgz