Catalin Patulea

**Name of the Vulnerable Software and Affected Versions** libnspr4 versions prior to the fixed version libnss3 versions prior to the fixed version Mozilla Firefox versions prior to 1.5.0.7 Thunderbird versions prior to 1.5.0.7 SeaMonkey versions prior to 1.0.5 libnspr-dev versions prior to the fixed version libnss-dev versions prior to the fixed version **Description** The issue concerns multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including libnspr4, libnss3, libnspr-dev, and libnss-dev. These vulnerabilities can be exploited remotely, potentially leading to a breach of confidentiality, integrity, and availability of protected information. Additionally, a vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey can cause a denial of service (crash) via a malformed JavaScript regular expression. **Recommendations** For libnspr4, update to a version that contains a fix for this issue. For libnss3, update to a version that contains a fix for this issue. For Mozilla Firefox versions prior to 1.5.0.7, update to version 1.5.0.7 or later. For Thunderbird versions prior to 1.5.0.7, update to version 1.5.0.7 or later. For SeaMonkey versions prior to 1.0.5, update to version 1.0.5 or later. For libnspr-dev, update to a version that contains a fix for this issue. For libnss-dev, update to a version that contains a fix for this issue.