James Qiu

**Name of the Vulnerable Software and Affected Versions** Opera versions prior to 10.63 **Description** The issue allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content, due to improper verification of the origin of video content. **Recommendations** For Opera versions prior to 10.63, update to version 10.63 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions prior to 4.1.3 Apple Safari versions 5.0.x prior to 5.0.3 Google Chrome versions prior to 6.0.472.53 webkitgtk versions prior to 1.2.6 **Description** The issue allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive image data via a crafted web site, due to improper restriction of read access to images derived from CANVAS elements. **Recommendations** For Apple Safari versions prior to 4.1.3, update to version 4.1.3 or later. For Apple Safari versions 5.0.x prior to 5.0.3, update to version 5.0.3 or later. For Google Chrome versions prior to 6.0.472.53, update to version 6.0.472.53 or later. For webkitgtk versions prior to 1.2.6, update to version 1.2.6 or later.