Alex Dvorov

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.6 **Description** The issue is related to the ATM implementation in the Linux kernel, which does not properly initialize certain structures. This allows local users to obtain sensitive information from kernel stack memory by using a crafted application. The exploitation of this issue enables access to confidential information. **Recommendations** For Linux kernel versions prior to 3.6, update to version 3.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 4.x through 9.0 Thunderbird versions 5.0 through 9.0 SeaMonkey versions prior to 2.7 **Description** The issue allows remote attackers to bypass the HTML5 frame-navigation policy. This is achieved by creating a form submission target with a sub-frame's name attribute, which enables the replacement of arbitrary sub-frames. **Recommendations** For Mozilla Firefox versions 4.x through 9.0, update to a version outside of this range to resolve the issue. For Thunderbird versions 5.0 through 9.0, update to a version outside of this range to resolve the issue. For SeaMonkey versions prior to 2.7, update to version 2.7 or later to resolve the issue.