Luke Wagner

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 79 Firefox ESR versions prior to 78.1 Thunderbird versions prior to 78.1 **Description** The issue is related to memory safety bugs, which can lead to memory corruption. With sufficient effort, these bugs could potentially be exploited to run arbitrary code. The vulnerability is associated with a buffer data boundary operation overflow, allowing a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For Firefox versions prior to 79, update to version 79 or later. For Firefox ESR versions prior to 78.1, update to version 78.1 or later. For Thunderbird versions prior to 78.1, update to version 78.1 or later.

**Name of the Vulnerable Software and Affected Versions** Apple Safari versions 4.x through 4.1.1 Apple Safari versions 5.x through 5.0.1 Android versions prior to 2.2 webkitgtk versions prior to 1.2.6 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document, related to improper validation of floating-point data and non-standard NaN representation. **Recommendations** For Apple Safari versions 4.x through 4.1.1, update to version 4.1.2 or later. For Apple Safari versions 5.x through 5.0.1, update to version 5.0.2 or later. For Android versions prior to 2.2, update to version 2.2 or later. For webkitgtk versions prior to 1.2.6, update to version 1.2.6 or later.