Thilo Girmann

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 1.5 through 1.5.0.4 SeaMonkey versions prior to 1.0.3 **Description** The issue allows remote attackers to execute arbitrary code by changing certain properties of the `window.navigator` object that are accessed when Java starts up, which causes a crash that leads to code execution. **Recommendations** For Mozilla Firefox versions 1.5 through 1.5.0.4, update to version 1.5.0.5 or later. For SeaMonkey versions prior to 1.0.3, update to version 1.0.3 or later.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 1.5 through 1.5.0.4 SeaMonkey versions 1.0 through 1.0.2 **Description** The issue arises from improper clearing of a JavaScript reference to a frame or window, resulting in a pointer to a deleted object. This allows remote attackers to execute arbitrary native code. **Recommendations** For Mozilla Firefox versions 1.5 through 1.5.0.4, update to version 1.5.0.5 or later. For SeaMonkey versions 1.0 through 1.0.2, update to version 1.0.3 or later.