Sergey Glazunov

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 52.0.2743.116 Opera (affected versions not specified) **Description** The Web Cryptography API implementation in Blink does not properly copy data buffers, allowing remote attackers to cause a denial of service or possibly have other unspecified impact via crafted JavaScript code, related to NormalizeAlgorithm.cpp and SubtleCrypto.cpp. **Recommendations** For Google Chrome versions prior to 52.0.2743.116, update to version 52.0.2743.116 or later to resolve the issue. For Opera, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Blink versions prior to 52.0.2743.116 **Description** The issue allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp. **Recommendations** For versions prior to 52.0.2743.116, update to version 52.0.2743.116 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WebKit, as used in Apple iTunes versions prior to 11.0.3 **Description** The issue allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via vectors related to iTunes Store browsing. **Recommendations** For Apple iTunes versions prior to 11.0.3, update to version 11.0.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WebKit, as used in Apple iTunes versions prior to 11.0.3 **Description** The issue allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via vectors related to iTunes Store browsing. **Recommendations** For Apple iTunes versions prior to 11.0.3, update to version 11.0.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 6.1 **Description** A cross-site scripting (XSS) issue exists, allowing user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation. **Recommendations** For versions prior to 6.1, update to version 6.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 22.0.1229.79 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via vectors involving frames. This is also known as "Universal XSS (UXSS)". **Recommendations** For versions prior to 22.0.1229.79, update to version 22.0.1229.79 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 18.0.1025.151 **Description** The issue allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements. **Recommendations** For versions prior to 18.0.1025.151, update to version 18.0.1025.151 or later to resolve the issue.

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589.

Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0587, CVE-2012-0588, and CVE-2012-0589.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 17.0.963.78 **Description** The issue is related to the extension subsystem in Google Chrome, which does not properly handle history navigation. This allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. **Recommendations** For versions prior to 17.0.963.78, update to version 17.0.963.78 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 15.0.874.102 **Description** The issue allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors due to improper handling of `javascript:` URLs. **Recommendations** For versions prior to 15.0.874.102, update to version 15.0.874.102 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 15.0.874.102 Android versions prior to 4.4 **Description** The issue allows remote attackers to bypass the Same Origin Policy, enabling them to conduct Universal XSS (UXSS) attacks. This can be achieved through various vectors, including the use of the `DOMWindow::clear` function with a selection object, the `Object::GetRealNamedPropertyInPrototypeChain` function with an ` proto ` property, the `HTMLPlugInImageElement::allowedToLoadFrameURL` function with a `javascript:` URL, incorrect origins for XSLT-generated documents in the `XSLTProcessor::createDocumentFromSource` function, and improper handling of synchronous frame loads in the `ScriptController::executeIfJavaScriptURL` function. **Recommendations** For Google Chrome versions prior to 15.0.874.102, update to version 15.0.874.102 or later to resolve the issue. For Android versions prior to 4.4, update to version 4.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of `javascript:` URLs and synchronous frame loads until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 5 Safari versions prior to 5.1.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows. This affects WebKit, which is used in Apple iOS and Safari. **Recommendations** For Apple iOS versions prior to 5, update to version 5 or later. For Safari versions prior to 5.1.1, update to version 5.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 13.0.782.107 **Description** The issue allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. **Recommendations** For versions prior to 13.0.782.107, update to version 13.0.782.107 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 13.0.782.107 **Description** The issue allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks. **Recommendations** For versions prior to 13.0.782.107, update to version 13.0.782.107 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 11.0.696.57 **Description** The issue is related to the improper handling of DOM id maps, which can be exploited by remote attackers to cause a denial of service or possibly have other unspecified impacts. This is achieved via unknown vectors that lead to "dangling pointers." **Recommendations** For versions prior to 11.0.696.57, update to version 11.0.696.57 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WebKit versions prior to 5.0.6 Google Chrome versions prior to 10.0.648.204 **Description** The issue is related to improper handling of node parentage, which can be exploited by remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact. This can also be used to conduct cross-site scripting (XSS) attacks via unknown vectors. **Recommendations** For WebKit versions prior to 5.0.6, update to version 5.0.6 or later to resolve the issue. For Google Chrome versions prior to 10.0.648.204, update to version 10.0.648.204 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 10.0.648.204 **Description** A use-after-free issue in the HTMLCollection implementation can be exploited by remote attackers to cause a denial of service or possibly have other unspecified impacts. The exact vectors used for the attack are not specified. **Recommendations** For versions prior to 10.0.648.204, update to version 10.0.648.204 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 10.0.648.127 **Description** The issue is related to the improper handling of SVG cursors, which can be exploited by remote attackers to cause a denial of service or possibly have other unspecified impacts. This is achieved via unknown vectors that lead to a "stale pointer." **Recommendations** For versions prior to 10.0.648.127, update to version 10.0.648.127 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 10.0.648.127 **Description** The issue is related to the improper handling of attributes in crafted documents, which can lead to a denial of service due to DOM tree corruption, and possibly have other unspecified impacts. **Recommendations** For versions prior to 10.0.648.127, update to version 10.0.648.127 or later to resolve the issue.