Common Vulnerabilities and Exposures assigned an identifier CVE-2008-2419 to the following vulnerability: Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript:"' sequence. References: http://www.0x000000.com/?i=576 http://www.securityfocus.com/bid/29318 http://xforce.iss.net/xforce/xfdb/42589
It is possible that this could affect Seamonkey 1.1.x, however there is no further information available on this issue, and it looks like it may only affect Windows. It also looks as though this issue may be more related to the java interpreter than to firefox itself. Regardless, upstream is unable to reproduce or determine this to be security significant in firefox itself. https://bugzilla.mozilla.org/show_bug.cgi?id=323026 https://bugzilla.mozilla.org/show_bug.cgi?id=275783 https://bugzilla.mozilla.org/show_bug.cgi?id=256763