Eric Rahm

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 38.0 Mozilla Firefox ESR versions 31.x prior to 31.7 Thunderbird versions prior to 31.7 **Description** The issue is caused by a buffer overflow in the XML parser, allowing remote attackers to execute arbitrary code by providing a large amount of compressed XML data. **Recommendations** For Mozilla Firefox versions prior to 38.0, update to version 38.0 or later. For Mozilla Firefox ESR versions 31.x prior to 31.7, update to version 31.7 or later. For Thunderbird versions prior to 31.7, update to version 31.7 or later.