H. D. Moore

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 1.5 through 1.5.0.4 Thunderbird versions 1.5 through 1.5.0.4 SeaMonkey versions 1.0 through 1.0.2 **Description** A race condition exists in the JavaScript garbage collection, potentially allowing remote attackers to execute arbitrary code. This occurs when the garbage collector deletes a temporary variable while it is still being used during the creation of a new Function object. **Recommendations** For Mozilla Firefox versions 1.5 through 1.5.0.4, update to version 1.5.0.5 or later. For Thunderbird versions 1.5 through 1.5.0.4, update to version 1.5.0.5 or later. For SeaMonkey versions 1.0 through 1.0.2, update to version 1.0.3 or later.