Wind Li

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 1.0.1 Mozilla versions prior to 1.7.6 **Description** A heap-based buffer overflow issue exists in the UTF8ToNewUnicode function, potentially allowing remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value. **Recommendations** For Firefox versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. For Mozilla versions prior to 1.7.6, update to version 1.7.6 or later to resolve the issue.