The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firefox | Mozilla | * | 2.0.0.11 (including) |
| Seamonkey | Mozilla | * | 1.1.7 (including) |
| Thunderbird | Mozilla | * | 2.0.0.11 (including) |
| Red Hat Enterprise Linux 2.1 | RedHat | seamonkey-0:1.0.9-0.9.el2 | * |
| Red Hat Enterprise Linux 3 | RedHat | seamonkey-0:1.0.9-0.9.el3 | * |
| Red Hat Enterprise Linux 4 | RedHat | firefox-0:1.5.0.12-0.10.el4 | * |
| Red Hat Enterprise Linux 4 | RedHat | seamonkey-0:1.0.9-9.el4 | * |
| Red Hat Enterprise Linux 4 | RedHat | thunderbird-0:1.5.0.12-8.el4 | * |
| Red Hat Enterprise Linux 5 | RedHat | firefox-0:1.5.0.12-9.el5 | * |
| Red Hat Enterprise Linux 5 | RedHat | thunderbird-0:1.5.0.12-8.el5 | * |
| Firefox | Ubuntu | dapper | * |
| Firefox | Ubuntu | edgy | * |
| Firefox | Ubuntu | feisty | * |
| Firefox | Ubuntu | gutsy | * |
| Firefox | Ubuntu | hardy | * |
| Firefox | Ubuntu | upstream | * |
| Iceape | Ubuntu | gutsy | * |
| Mozilla-thunderbird | Ubuntu | dapper | * |
| Mozilla-thunderbird | Ubuntu | edgy | * |
| Mozilla-thunderbird | Ubuntu | feisty | * |
| Thunderbird | Ubuntu | devel | * |
| Thunderbird | Ubuntu | gutsy | * |
| Thunderbird | Ubuntu | hardy | * |
| Thunderbird | Ubuntu | intrepid | * |
| Xulrunner | Ubuntu | devel | * |
| Xulrunner | Ubuntu | edgy | * |
| Xulrunner | Ubuntu | feisty | * |
| Xulrunner | Ubuntu | gutsy | * |
| Xulrunner | Ubuntu | hardy | * |
| Xulrunner | Ubuntu | intrepid | * |
| Xulrunner | Ubuntu | upstream | * |