Reed

**Name of the Vulnerable Software and Affected Versions** active-support ruby gem version 5.2.0 **Description** The issue is related to the presence of a malicious backdoor in the active-support ruby gem, which could allow a remote attacker to execute arbitrary code on the system. This is caused by the gem containing hidden malicious code. An attacker could exploit this to execute arbitrary code on the system. The gem is a trojan horse that duplicates the official activesupport gem but adds a compiled extension. This extension attempts to resolve a base64 encoded domain, downloads a payload, and executes it. **Recommendations** For active-support ruby gem version 5.2.0, consider removing or avoiding the use of this gem entirely, as no version is considered safe. As a temporary workaround, consider restricting access to any systems that have this gem installed to minimize the risk of exploitation. Avoid using any functionality provided by this gem until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 28 **Description** The issue allows remote attackers to conduct a persistent Logout CSRF attack by sending HTTP Cookie headers without proper validation of required character-set restrictions. This can be achieved via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response. **Recommendations** For Mozilla Firefox versions prior to 28, update to version 28 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 19.0.2 Firefox ESR 17.x versions prior to 17.0.4 Thunderbird versions prior to 17.0.4 Thunderbird ESR 17.x versions prior to 17.0.4 SeaMonkey versions prior to 2.16.1 **Description** The issue allows remote attackers to execute arbitrary code via vectors involving an `execCommand` call, exploiting a use-after-free vulnerability in the `nsEditor::IsPreformatted` function. **Recommendations** For Mozilla Firefox versions prior to 19.0.2, update to version 19.0.2 or later. For Firefox ESR 17.x versions prior to 17.0.4, update to version 17.0.4 or later. For Thunderbird versions prior to 17.0.4, update to version 17.0.4 or later. For Thunderbird ESR 17.x versions prior to 17.0.4, update to version 17.0.4 or later. For SeaMonkey versions prior to 2.16.1, update to version 2.16.1 or later.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 2.16rc1 through 2.22.7 Bugzilla versions 3.0.x through 3.3.x Bugzilla versions 3.4.x before 3.4.12 Bugzilla version 3.5.x Bugzilla versions 3.6.x before 3.6.6 Bugzilla version 3.7.x Bugzilla versions 4.0.x before 4.0.2 Bugzilla versions 4.1.x before 4.1.3 **Description** The issue allows remote attackers to perform arbitrary address changes by leveraging an unattended workstation, as it does not prevent changes to the confirmation e-mail address, also known as the `old email` field, for e-mail change notifications. **Recommendations** For Bugzilla versions 2.16rc1 through 2.22.7, update to a version outside of this range to prevent arbitrary address changes. For Bugzilla versions 3.0.x through 3.3.x, update to a version outside of this range to prevent arbitrary address changes. For Bugzilla versions 3.4.x before 3.4.12, update to version 3.4.12 or later to prevent arbitrary address changes. For Bugzilla version 3.5.x, update to a version outside of this range to prevent arbitrary address changes. For Bugzilla versions 3.6.x before 3.6.6, update to version 3.6.6 or later to prevent arbitrary address changes. For Bugzilla version 3.7.x, update to a version outside of this range to prevent arbitrary address changes. For Bugzilla versions 4.0.x before 4.0.2, update to version 4.0.2 or later to prevent arbitrary address changes. For Bugzilla versions 4.1.x before 4.1.3, update to version 4.1.3 or later to prevent arbitrary address changes.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 3.7.1 through 4.0rc1 **Description** A cross-site scripting issue exists in the duplicate-detection functionality, allowing remote attackers to inject arbitrary web script or HTML via the `summary` field, related to the DataTable widget in YUI. **Recommendations** For Bugzilla versions 3.7.1 through 4.0rc1, as a temporary workaround, consider restricting access to the duplicate-detection functionality until a patch is available. Avoid using the `summary` field in the affected functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 3.7.1 through 4.0rc1 **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI. **Recommendations** For Bugzilla versions 3.7.1 through 4.0rc1, update to a version that fixes this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.5.12 Mozilla Firefox versions 3.6.x prior to 3.6.9 Thunderbird versions prior to 3.0.7 Thunderbird versions 3.1.x prior to 3.1.3 SeaMonkey versions prior to 2.0.7 **Description** The issue is related to the `normalizeDocument` function not properly handling the removal of DOM nodes during normalization. This could potentially allow remote attackers to execute arbitrary code via vectors involving access to a deleted object. **Recommendations** For Mozilla Firefox versions prior to 3.5.12, update to version 3.5.12 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.9, update to version 3.6.9 or later. For Thunderbird versions prior to 3.0.7, update to version 3.0.7 or later. For Thunderbird versions 3.1.x prior to 3.1.3, update to version 3.1.3 or later. For SeaMonkey versions prior to 2.0.7, update to version 2.0.7 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.5.x through 3.5.10 Mozilla Firefox versions 3.6.x through 3.6.6 Thunderbird versions 3.0.x through 3.0.5 Thunderbird versions 3.1.x through 3.1.0 SeaMonkey version 2.0.5 and earlier **Description** The issue allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free. This occurs due to an integer overflow in the affected software. **Recommendations** For Mozilla Firefox versions 3.5.x through 3.5.10, update to version 3.5.11 or later. For Mozilla Firefox versions 3.6.x through 3.6.6, update to version 3.6.7 or later. For Thunderbird versions 3.0.x through 3.0.5, update to version 3.0.6 or later. For Thunderbird versions 3.1.x through 3.1.0, update to version 3.1.1 or later. For SeaMonkey version 2.0.5 and earlier, update to version 2.0.6 or later.