J23

**Name of the Vulnerable Software and Affected Versions** WebKit versions prior to 5.0.6 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. This is a different issue than other WebKit vulnerabilities. **Recommendations** For WebKit versions prior to 5.0.6, update to version 5.0.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Safari (affected versions not specified) Apple iTunes versions prior to 10.2 on Windows **Description** The issue is related to the DOM level 2 implementation in WebKit, which does not properly handle DOM manipulations associated with event listeners during processing of range objects. This allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via vectors related to iTunes Store browsing. **Recommendations** For Apple iTunes versions prior to 10.2 on Windows, update to version 10.2 or later to resolve the issue. For Apple Safari, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 5.0.3 on Mac OS X 10.5 through 10.6 and Windows Apple Safari versions prior to 4.1.3 on Mac OS X 10.4 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted string due to an integer overflow in WebKit. **Recommendations** For Apple Safari versions prior to 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, update to version 5.0.3 or later. For Apple Safari versions prior to 4.1.3 on Mac OS X 10.4, update to version 4.1.3 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.5.x through 3.5.10 Mozilla Firefox versions 3.6.x through 3.6.6 SeaMonkey versions prior to 2.0.6 **Description** The issue allows remote attackers to execute arbitrary code via plugin content with many parameter elements. This is due to an integer overflow. **Recommendations** For Mozilla Firefox versions 3.5.x through 3.5.10, update to version 3.5.11 or later. For Mozilla Firefox versions 3.6.x through 3.6.6, update to version 3.6.7 or later. For SeaMonkey versions prior to 2.0.6, update to version 2.0.6 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.5.x through 3.5.10 Mozilla Firefox versions 3.6.x through 3.6.6 Thunderbird versions 3.0.x through 3.0.5 Thunderbird versions 3.1.x through 3.1.0 SeaMonkey versions prior to 2.0.6 **Description** The issue is related to an integer overflow in an array class, allowing remote attackers to execute arbitrary code. This is achieved by placing many Cascading Style Sheets (CSS) values in an array, which is linked to references to external font resources and an inconsistency between 16-bit and 32-bit integers. **Recommendations** For Mozilla Firefox versions 3.5.x through 3.5.10, update to version 3.5.11 or later. For Mozilla Firefox versions 3.6.x through 3.6.6, update to version 3.6.7 or later. For Thunderbird versions 3.0.x through 3.0.5, update to version 3.0.6 or later. For Thunderbird versions 3.1.x through 3.1.0, update to version 3.1.1 or later. For SeaMonkey versions prior to 2.0.6, update to version 2.0.6 or later.