Gkw

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 40.0 Mozilla Firefox ESR versions prior to 38.2 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, potentially allowing remote attackers to cause a denial of service or possibly execute arbitrary code. This could be due to memory corruption and application crash. The vulnerabilities may be related to buffer overflow. **Recommendations** For Mozilla Firefox versions prior to 40.0, update to version 40.0 or later. For Mozilla Firefox ESR versions prior to 38.2, update to version 38.2 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 32.0 Mozilla Firefox ESR (affected versions not specified) **Description** Multiple unspecified vulnerabilities in the browser engine allow remote attackers to cause a denial of service, including memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions prior to 32.0, update to version 32.0 or later to resolve the issue. For Mozilla Firefox ESR, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 23.0 SeaMonkey versions prior to 2.20 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, which can be exploited by remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions prior to 23.0, update to version 23.0 or later. For SeaMonkey versions prior to 2.20, update to version 2.20 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 22.0 Firefox ESR versions prior to 17.0.7 Thunderbird versions prior to 17.0.7 Thunderbird ESR versions prior to 17.0.7 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine. These vulnerabilities can be exploited by remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions prior to 22.0, update to version 22.0 or later. For Firefox ESR versions prior to 17.0.7, update to version 17.0.7 or later. For Thunderbird versions prior to 17.0.7, update to version 17.0.7 or later. For Thunderbird ESR versions prior to 17.0.7, update to version 17.0.7 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 21.0 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, which can be exploited by remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For versions prior to 21.0, update to version 21.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 20.0 SeaMonkey versions prior to 2.17 **Description** The issue is related to multiple unspecified vulnerabilities in the browser engine, allowing remote attackers to cause a denial of service, such as memory corruption and application crash, or possibly execute arbitrary code. The vulnerabilities are related to vectors involving the `nsContentUtils::HoldJSObjects` function and the `nsAutoPtr` class, among other vectors. **Recommendations** For Mozilla Firefox versions prior to 20.0, update to version 20.0 or later to resolve the issue. For SeaMonkey versions prior to 2.17, update to version 2.17 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 15.0 Thunderbird versions prior to 15.0 SeaMonkey versions prior to 2.12 **Description** The issue allows remote attackers to cause a denial of service, such as memory corruption and application crash, or possibly execute arbitrary code. This is achieved through vectors related to garbage collection after certain MethodJIT execution, as well as unknown other vectors. **Recommendations** For Mozilla Firefox versions prior to 15.0, update to version 15.0 or later. For Thunderbird versions prior to 15.0, update to version 15.0 or later. For SeaMonkey versions prior to 2.12, update to version 2.12 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 4.x through 11.0 Firefox ESR versions 10.x before 10.0.4 Thunderbird versions 5.0 through 11.0 Thunderbird ESR versions 10.x before 10.0.4 SeaMonkey versions before 2.9 **Description** The issue allows remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions 4.x through 11.0, update to a version after 11.0. For Firefox ESR versions 10.x before 10.0.4, update to version 10.0.4 or later. For Thunderbird versions 5.0 through 11.0, update to a version after 11.0. For Thunderbird ESR versions 10.x before 10.0.4, update to version 10.0.4 or later. For SeaMonkey versions before 2.9, update to version 2.9 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.6.x through 3.6.13 Thunderbird versions 3.1.x through 3.1.7 **Description** The issue affects the browser engine, allowing remote attackers to cause a denial of service, which results in memory corruption and application crash, or possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions 3.6.x through 3.6.13, update to version 3.6.14 or later. For Thunderbird versions 3.1.x through 3.1.7, update to version 3.1.8 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.5.x through 3.5.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code. This is related to the `TraceRecorder::snapshot` function in `js/src/jstracer.cpp` and other unspecified vectors. **Recommendations** For Mozilla Firefox versions 3.5.x through 3.5.1, update to version 3.5.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.0.7 Thunderbird versions prior to 2.0.0.21 SeaMonkey version 1.1.15 **Description** The issue is related to the layout engine, which allows remote attackers to cause a denial of service, potentially leading to arbitrary code execution. This is achieved through vectors related to `gczeal`. **Recommendations** For Mozilla Firefox versions prior to 3.0.7, update to version 3.0.7 or later. For Thunderbird versions prior to 2.0.0.21, update to version 2.0.0.21 or later. For SeaMonkey version 1.1.15, update to a version later than 1.1.15.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.0.7 Thunderbird versions prior to 2.0.0.21 SeaMonkey version 1.1.15 **Description** The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. This can be achieved through several vectors, including the splice of an array with non-set elements, which causes memory corruption due to an incorrect argument passed to the ResizeSlots function. Other vectors involve `js DecompileValueGenerator`, `jsopcode.cpp`, ` defineSetter `, and `watch`, leading to assertion failures or segmentation faults. Additionally, vectors related to `gczeal`, ` defineSetter `, and `watch` can cause a hang. **Recommendations** For Mozilla Firefox versions prior to 3.0.7, update to version 3.0.7 or later. For Thunderbird versions prior to 2.0.0.21, update to version 2.0.0.21 or later. For SeaMonkey version 1.1.15, update to a version later than 1.1.15.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.x before 3.0.6 Thunderbird versions before 2.0.0.21 SeaMonkey versions before 1.1.15 **Description** The issue is related to an unspecified vulnerability in the JavaScript engine, allowing remote attackers to cause a denial of service, resulting in memory corruption and application crash, or possibly execute arbitrary code. **Recommendations** For Mozilla Firefox versions 3.x before 3.0.6, update to version 3.0.6 or later. For Thunderbird versions before 2.0.0.21, update to version 2.0.0.21 or later. For SeaMonkey versions before 1.1.15, update to version 1.1.15 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.x before 3.0.5 Thunderbird versions 2.x before 2.0.0.19 SeaMonkey versions 1.x before 1.1.14 **Description** The issue allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the `GetXMLEntity` and `FastAppendChar` functions. **Recommendations** For Mozilla Firefox versions 3.x before 3.0.5, update to version 3.0.5 or later. For Thunderbird versions 2.x before 2.0.0.19, update to version 2.0.0.19 or later. For SeaMonkey versions 1.x before 1.1.14, update to version 1.1.14 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 2.0.0.15 Thunderbird versions prior to 2.0.0.14 SeaMonkey versions prior to 1.1.10 **Description** The issue is related to the JavaScript engine and can be exploited by remote attackers to cause a denial of service, potentially leading to application crashes, and possibly execute arbitrary code via unknown vectors. **Recommendations** For Mozilla Firefox versions prior to 2.0.0.15, update to version 2.0.0.15 or later. For Thunderbird versions prior to 2.0.0.14, update to version 2.0.0.14 or later. For SeaMonkey versions prior to 1.1.10, update to version 1.1.10 or later.