The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 2.0.0.11 (including) |
Seamonkey | Mozilla | * | 1.1.7 (including) |
Thunderbird | Mozilla | * | 2.0.0.11 (including) |