Security researcher, known under nickname "MustLive", reported: [1] http://www.securityfocus.com/archive/1/511327/100/0/threaded a deficiency in the way Firefox processed web pages, with embedded images, whose resource pointed to URL, which redirected to a "mailto:" URL. If a local user was tricked into visiting of such web page, it could lead to denial of service (excessive resources consumption or crash). References: [2] http://translate.google.com/translate?hl=en&u=http://websecurity.com.ua/4206/&sl=uk&tl=en [3] http://www.mozilla.org/security/announce/2010/mfsa2010-23.html Public PoC: [4] http://websecurity.com.ua/uploads/2010/Firefox%20DoS%20Exploit.html
Official statement from Red Hat Security Response Team, regarding this deficiency: ----------------------------------------- Red Hat Security Response Team does not consider a user assisted denial of service (and potential crash) of end user application, such a Firefox, to be a security issue.