Johnathan Nightingale

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.0.8 SeaMonkey versions prior to 1.1.16 **Description** The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform. This is related to the txMozillaXSLTProcessor::TransformToDoc function. **Recommendations** For Mozilla Firefox versions prior to 3.0.8, update to version 3.0.8 or later. For SeaMonkey versions prior to 1.1.16, update to version 1.1.16 or later.