Robert Sayre

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.5.17 Mozilla Firefox versions 3.6.x prior to 3.6.14 SeaMonkey versions prior to 2.0.12 **Description** A buffer overflow issue exists in the JavaScript engine, potentially allowing remote attackers to execute arbitrary code. This issue involves exception timing and a large number of string values, related to an "atom map" problem. **Recommendations** For Mozilla Firefox versions prior to 3.5.17, update to version 3.5.17 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.14, update to version 3.6.14 or later. For SeaMonkey versions prior to 2.0.12, update to version 2.0.12 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.5.x through 3.5.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code. This is related to the `TraceRecorder::snapshot` function in `js/src/jstracer.cpp` and other unspecified vectors. **Recommendations** For Mozilla Firefox versions 3.5.x through 3.5.1, update to version 3.5.2 or later to resolve the issue.