Wooshi

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 11.0.696.57 **Description** The issue is related to improper height calculations, which can be exploited by remote attackers to cause a denial of service or possibly have other unspecified impacts via unknown vectors, leading to a "stale pointer." **Recommendations** For versions prior to 11.0.696.57, update to version 11.0.696.57 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.5.12 Mozilla Firefox versions 3.6.x prior to 3.6.9 Thunderbird versions prior to 3.0.7 Thunderbird versions 3.1.x prior to 3.1.3 SeaMonkey versions prior to 2.0.7 **Description** A heap-based buffer overflow in the `nsTextFrameUtils::TransformText` function might allow remote attackers to execute arbitrary code via a bidirectional text run. **Recommendations** For Mozilla Firefox versions prior to 3.5.12, update to version 3.5.12 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.9, update to version 3.6.9 or later. For Thunderbird versions prior to 3.0.7, update to version 3.0.7 or later. For Thunderbird versions 3.1.x prior to 3.1.3, update to version 3.1.3 or later. For SeaMonkey versions prior to 2.0.7, update to version 2.0.7 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 5.0.375.127 webkitgtk versions prior to 1.2.5 **Description** The issue is related to the improper handling of SVG documents, which can be exploited by remote attackers to cause a denial of service due to memory corruption, or possibly have other unspecified impacts. This is achieved through unknown vectors related to state changes when using the DeleteButtonController. **Recommendations** For Google Chrome versions prior to 5.0.375.127, update to version 5.0.375.127 or later. For webkitgtk versions prior to 1.2.5, update to version 1.2.5 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 4.1.249.1036 **Description** The issue allows remote attackers to cause a denial of service, resulting in a memory error, or possibly have other unspecified impacts via a malformed SVG document. **Recommendations** For versions prior to 4.1.249.1036, update to version 4.1.249.1036 or later to resolve the issue.