Mozilla Firefox, Thunderbird, and SeaMonkey contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability is due to a memory corruption error in the affected software while processing certain web pages. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user to visit a malicious web page. When visited, the page could trigger a memory corruption error. The attacker could use the memory corruption error to execute arbitrary code on the system.
Mozilla has confirmed this vulnerability and released updated software.