CVE-2010-1990

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.6.x through 3.0.19 and earlier SeaMonkey (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service by launching excessive mail applications via an HTML document with many IFRAME elements, specifically when an IFRAME element has a mailto: URL in its SRC attribute.

Recommendations For Mozilla Firefox versions 3.6.x through 3.0.19 and earlier, consider disabling the handling of mailto: URLs in IFRAME elements to prevent excessive application launches. For SeaMonkey, at the moment, there is no information about a newer version that contains a fix for this vulnerability.