Sadrul Habib Chowdhury

**Name of the Vulnerable Software and Affected Versions** WebKit, as used in Apple iTunes versions prior to 10.5 **Description** The issue allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via vectors related to iTunes Store browsing. **Recommendations** For Apple iTunes versions prior to 10.5, update to version 10.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Pidgin versions prior to 2.6.6 **Description** The issue is related to the parsing of nicknames in XMPP multi-user chat rooms. When a nickname contains a specific sequence, it can cause the application to crash, resulting in a denial of service. This is due to the improper parsing of nicknames containing `<br>` sequences. **Recommendations** For versions prior to 2.6.6, update to version 2.6.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of nicknames containing `<br>` sequences in XMPP multi-user chat rooms to minimize the risk of exploitation.