Keith Victor

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 2.x before 2.0.0.1 Mozilla Firefox versions 1.5.x before 1.5.0.9 Thunderbird versions before 1.5.0.9 SeaMonkey versions before 1.0.7 **Description** The `js dtoa` function overwrites memory instead of exiting when the floating point precision is reduced. This allows remote attackers to cause a denial of service via any plugins that reduce the precision. **Recommendations** For Mozilla Firefox versions 2.x before 2.0.0.1, update to version 2.0.0.1 or later. For Mozilla Firefox versions 1.5.x before 1.5.0.9, update to version 1.5.0.9 or later. For Thunderbird versions before 1.5.0.9, update to version 1.5.0.9 or later. For SeaMonkey versions before 1.0.7, update to version 1.0.7 or later.