Joev

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.1 **Description** The issue allows remote attackers to bypass an intended user-confirmation requirement for AppleScript execution. **Recommendations** For Apple OS X versions prior to 10.11.1, update to version 10.11.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 4.4 **Description** The issue allows remote attackers to bypass the Same Origin Policy. This can be achieved via a crafted attribute containing a u0000 character. For example, an onclick attribute with a window.open sequence can be used to demonstrate this issue in the Android Browser application or a third-party web browser. **Recommendations** For Android versions prior to 4.4, update to version 4.4 or later to resolve the issue.