Yong Li

**Name of the Vulnerable Software and Affected Versions** WebKit, as used in Apple iTunes versions prior to 10.7 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For Apple iTunes versions prior to 10.7, update to version 10.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 5.0.6 **Description** The issue allows remote attackers to bypass the Same Origin Policy and modify the rendering of text from arbitrary web sites via a Java applet that loads fonts. **Recommendations** For versions prior to 5.0.6, update to version 5.0.6 or later to resolve the issue.