Mario Heiderich

Name of the Vulnerable Software and Affected Versions: Eucalyptus Management Console (EMC) versions 4.0.0 through 4.0.0 Description: The issue is a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Recommendations: For versions 4.0.0 through 4.0.0, update to version 4.0.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11 Safari versions prior to 11 iCloud versions prior to 7.0 on Windows iTunes versions prior to 12.7 on Windows tvOS versions prior to 11 **Description** The issue involves the WebKit component and allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For iOS versions prior to 11, update to version 11 or later. For Safari versions prior to 11, update to version 11 or later. For iCloud versions prior to 7.0 on Windows, update to version 7.0 or later. For iTunes versions prior to 12.7 on Windows, update to version 12.7 or later. For tvOS versions prior to 11, update to version 11 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11 Safari versions prior to 11 iCloud versions prior to 7.0 on Windows iTunes versions prior to 12.7 on Windows tvOS versions prior to 11 **Description** The issue involves the WebKit component and allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted web site. **Recommendations** For iOS versions prior to 11, update to version 11 or later. For Safari versions prior to 11, update to version 11 or later. For iCloud versions prior to 7.0 on Windows, update to version 7.0 or later. For iTunes versions prior to 12.7 on Windows, update to version 12.7 or later. For tvOS versions prior to 11, update to version 11 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 10.3.3 Apple Safari versions prior to 10.1.2 Apple tvOS versions prior to 10.2.2 **Description** A DOMParser XSS issue was discovered in certain Apple products, involving the WebKit component. **Recommendations** For iOS versions prior to 10.3.3, update to iOS 10.3.3 or later. For Safari versions prior to 10.1.2, update to Safari 10.1.2 or later. For tvOS versions prior to 10.2.2, update to tvOS 10.2.2 or later.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (affected versions not specified) **Description** The issue exists due to inadequate protection of the web page structure in Microsoft Edge, allowing a remote attacker to conduct XSS attacks or obtain confidential information through unspecified vectors. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Plupload versions prior to 2.1.9 WordPress versions prior to 4.5.2 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack. **Recommendations** For Plupload versions prior to 2.1.9, update to version 2.1.9 or later. For WordPress versions prior to 4.5.2, update to version 4.5.2 or later.

**Name of the Vulnerable Software and Affected Versions** MediaElement.js versions prior to 2.21.0 WordPress versions prior to 4.5.2 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via an obfuscated form of the `jsinitfunction` parameter. This can be demonstrated by using "jsinitfunctio%gn" as an example of the obfuscated form. **Recommendations** For MediaElement.js versions prior to 2.21.0, update to version 2.21.0 or later to resolve the issue. For WordPress versions prior to 4.5.2, update to version 4.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `flash/FlashMediaElement.swf` file in MediaElement.js until a patch is available. Avoid using the `jsinitfunction` parameter in its obfuscated form until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 42.0 **Description** The issue is related to an improper whitelist in the Reader View implementation, making it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism. This allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL. **Recommendations** For versions prior to 42.0, update to version 42.0 or later to resolve the issue. As a temporary workaround, consider disabling the Reader View feature until a patch is available. Restrict access to SVG animations and the about:reader URL to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** phpMyAdmin versions 4.0.x through 4.0.10.15 phpMyAdmin versions 4.4.x through 4.4.15.6 phpMyAdmin versions 4.6.x through 4.6.2 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via several vectors, including a crafted table name, a crafted mysqld log bin directive, the Transformation implementation, AJAX error handling, the Designer implementation, the charts implementation, or the zoom-search implementation. **Recommendations** For phpMyAdmin versions 4.0.x through 4.0.10.15, update to version 4.0.10.16 or later. For phpMyAdmin versions 4.4.x through 4.4.15.6, update to version 4.4.15.7 or later. For phpMyAdmin versions 4.6.x through 4.6.2, update to version 4.6.3 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 7 **Description** The issue involves multiple cross-site scripting (XSS) vulnerabilities in WebKit. These vulnerabilities allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving drag-and-drop or copy-and-paste operations. **Recommendations** For versions prior to 7, update to iOS version 7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 4.x through 13.0 Mozilla Firefox ESR versions 10.x before 10.0.6 Thunderbird versions 5.0 through 13.0 Thunderbird ESR versions 10.x before 10.0.6 SeaMonkey versions prior to 2.11 **Description** The issue allows remote attackers to conduct cross-site scripting (XSS) attacks via a feed, due to improper handling of EMBED elements within description elements in RSS feeds by an unspecified parser-utility class. **Recommendations** For Mozilla Firefox versions 4.x through 13.0, update to a version after 13.0. For Mozilla Firefox ESR versions 10.x before 10.0.6, update to version 10.0.6 or later. For Thunderbird versions 5.0 through 13.0, update to a version after 13.0. For Thunderbird ESR versions 10.x before 10.0.6, update to version 10.0.6 or later. For SeaMonkey versions prior to 2.11, update to version 2.11 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 4.x through 8.0 Thunderbird versions 5.0 through 8.0 SeaMonkey versions prior to 2.6 **Description** The issue allows remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page. **Recommendations** For Mozilla Firefox versions 4.x through 8.0, update to a version outside of this range to resolve the issue. For Thunderbird versions 5.0 through 8.0, update to a version outside of this range to resolve the issue. For SeaMonkey versions prior to 2.6, update to version 2.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 4.x through 4.0.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via an SVG element containing an HTML-encoded entity. **Recommendations** For Mozilla Firefox versions 4.x through 4.0.1, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PHP versions prior to 5.2.11 **Description** The issue is related to an integer overflow in the `xml utf8 decode` function, which can be exploited by remote attackers using a crafted string with overlong UTF-8 encoding. This allows attackers to bypass protection mechanisms against cross-site scripting (XSS) and SQL injection. **Recommendations** For PHP versions prior to 5.2.11, update to version 5.2.11 or later to resolve the issue. As a temporary workaround, consider restricting input to prevent the use of overlong UTF-8 encoding.

**Name of the Vulnerable Software and Affected Versions** HTML Purifier versions prior to 4.1.0 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) properties, specifically (1) background-image, (2) background, or (3) font-family, when Internet Explorer is used. **Recommendations** For versions prior to 4.1.0, update to version 4.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer 8 Microsoft Windows SharePoint Services 3.0 SP2 SharePoint Foundation 2010 Office SharePoint Server 2007 SP2 Groove Server 2010 Office Web Apps (affected versions not specified) **Description** The issue allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism and conduct XSS attacks via a crafted use of the Cascading Style Sheets (CSS) `@import` rule. An information disclosure vulnerability exists in the way that the `SafeHTML` function and the `toStaticHTML` API sanitize HTML, which could allow an attacker to perform cross-site scripting attacks and run script in the security context of the logged-on user. This could enable the attacker to execute a cross-site scripting attack on the user, allowing the execution of script in the user's security context against a site that is using the `toStaticHTML` API. **Recommendations** For Microsoft Internet Explorer 8, consider disabling the `toStaticHTML` function as a temporary workaround until a patch is available. For Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, restrict access to the `SafeHTML` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.