David Bloom

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 16.0 Thunderbird versions prior to 16.0 SeaMonkey versions prior to 2.13 **Description** The issue arises from improper handling of navigation away from a web page with multiple active menus of SELECT elements, allowing remote attackers to conduct clickjacking attacks. This can be achieved through vectors involving an XPI file, the `window.open` method, and the Geolocation API. **Recommendations** For Mozilla Firefox versions prior to 16.0, update to version 16.0 or later. For Thunderbird versions prior to 16.0, update to version 16.0 or later. For SeaMonkey versions prior to 2.13, update to version 2.13 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 16.0 Thunderbird versions prior to 16.0 SeaMonkey versions prior to 2.13 **Description** The issue arises when navigating away from a web page with an active SELECT element's menu. This can be exploited by remote attackers to spoof page content through absolute positioning and scrolling vectors. **Recommendations** For Mozilla Firefox versions prior to 16.0, update to version 16.0 or later. For Thunderbird versions prior to 16.0, update to version 16.0 or later. For SeaMonkey versions prior to 2.13, update to version 2.13 or later.

**Name of the Vulnerable Software and Affected Versions** WebKit, as used in Apple iOS versions prior to 6 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For WebKit, as used in Apple iOS versions prior to 6, update to iOS version 6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 6.0 **Description** The issue allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site, due to improper handling of drag-and-drop events by WebKit in Apple Safari. **Recommendations** For versions prior to 6.0, update to version 6.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 6.0 **Description** The issue allows user-assisted remote attackers to read arbitrary files via a crafted web site due to improper handling of drag-and-drop events. **Recommendations** For versions prior to 6.0, update to version 6.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 through 9 **Description** A remote code execution issue exists due to improper handling of objects in memory. This allows attackers to execute arbitrary code by accessing an object that was not properly initialized, potentially corrupting memory. The issue may enable an attacker to execute arbitrary code in the context of the logged-on user. **Recommendations** For Microsoft Internet Explorer versions 6 through 9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer version 9 **Description** A remote code execution issue exists due to improper handling of objects in memory. This allows attackers to execute arbitrary code by accessing an object that was not properly initialized, potentially corrupting memory and enabling the execution of arbitrary code in the context of the logged-on user. **Recommendations** For Microsoft Internet Explorer version 9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 through 8 **Description** The issue allows remote attackers to obtain sensitive information or conduct clickjacking attacks via a crafted web site. An attacker could exploit this by constructing a specially crafted Web page disguised as legitimate content. The user's actions on the page could allow information disclosure or clickjacking, whereby the user's clicks perform unwanted actions. **Recommendations** For Microsoft Internet Explorer versions 6 through 8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 through 7 **Description** The issue allows remote attackers to obtain sensitive information via a crafted web site. An information disclosure vulnerability exists that could allow script to gain access to information in another domain or Internet Explorer zone. An attacker could exploit the issue by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page. This could enable an attacker to view content from another domain or Internet Explorer zone. **Recommendations** For Microsoft Internet Explorer versions 6 through 7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WebKit, as used in Apple iTunes versions prior to 10.2 on Windows **Description** The issue allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via vectors related to iTunes Store browsing. **Recommendations** For Apple iTunes versions prior to 10.2 on Windows, update to version 10.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 through 8 **Description** The issue allows remote attackers to execute script in an unintended domain or security zone, and obtain sensitive information. An information disclosure vulnerability exists that could allow script to gain access to a browser window in another domain or Internet Explorer zone. This could be exploited by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page and then interacts with the browser window using the mouse. **Recommendations** For Microsoft Internet Explorer versions 6 through 8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Opera versions prior to 9.63 **Description** The issue allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs due to the failure to block unspecified scripted URLs during the feed preview. **Recommendations** For Opera versions prior to 9.63, update to version 9.63 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Opera versions prior to 9.24 **Description** The issue allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy. **Recommendations** For versions prior to 9.24, update to version 9.24 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 SP1 through 7 for Windows XP SP2 and SP3 Microsoft Internet Explorer versions 6 and 7 for Server 2003 SP2 Microsoft Internet Explorer version 7 for Vista Gold, SP1, and SP2 Microsoft Internet Explorer version 7 for Server 2008 SP2 Description: The issue allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page. This can be demonstrated by setInterval functions that set `location.href` within a try/catch expression. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could allow information disclosure if a user viewed the Web page. The attacker could view data from a Web page in another Internet Explorer domain. Recommendations: For Microsoft Internet Explorer versions 6 SP1 through 7 for Windows XP SP2 and SP3, update to a newer version to mitigate the risk. For Microsoft Internet Explorer versions 6 and 7 for Server 2003 SP2, update to a newer version to mitigate the risk. For Microsoft Internet Explorer version 7 for Vista Gold, SP1, and SP2, update to a newer version to mitigate the risk. For Microsoft Internet Explorer version 7 for Server 2008 SP2, update to a newer version to mitigate the risk. As a temporary workaround, consider disabling the use of `setInterval` functions that set `location.href` within a try/catch expression until a patch is available.