Mozilla · Firefox · CVE-2009-3372
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions prior to 3.0.15
Mozilla Firefox versions 3.5.x prior to 3.5.4
SeaMonkey versions prior to 2.0
**Description**
The issue allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
**Recommendations**
For Mozilla Firefox versions prior to 3.0.15, update to version 3.0.15 or later.
For Mozilla Firefox versions 3.5.x prior to 3.5.4, update to version 3.5.4 or later.
For SeaMonkey versions prior to 2.0, update to version 2.0 or later.