Bret Mcmillan

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.0.2 through 3.0.10 **Description** The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash. This is related to interaction with TinyMCE. **Recommendations** For Mozilla Firefox versions 3.0.2 through 3.0.10, update to a version outside of this range to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.0.11 Thunderbird versions prior to 2.0.0.22 SeaMonkey versions prior to 1.1.17 **Description** The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code via several vectors related to the browser engine, including `nsEventStateManager::GetContentState`, `nsNativeTheme::CheckBooleanAttr`, `UnhookTextRunFromFrames`, `ClearAllTextRunReferences`, `nsTextFrame::ClearTextRun`, `IsPercentageAware`, `PL DHashTableFinish`, `nsListBoxBodyFrame::GetNextItemBox`, `AtomTableClearEntry`, `nsHTMLEditor::HideResizers`, and `nsWindow::SetCursor`. These vectors are related to the atom table, DOM mutation events, and Unicode surrogates. **Recommendations** For Mozilla Firefox versions prior to 3.0.11, update to version 3.0.11 or later. For Thunderbird versions prior to 2.0.0.22, update to version 2.0.0.22 or later. For SeaMonkey versions prior to 1.1.17, update to version 1.1.17 or later.