
Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities

Last Update Date: 11 Dec 2013 10:17
Release Date: 11 Dec 2013

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Mozilla Firefox, Thunderbird and SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.

  1. Some unspecified errors exist, which can be exploited to cause memory corruption.
  2. An error exists related to inherited character set encoding information, which can be exploited to bypass the cross-site scripting filtering.
  3. An error exists when handling an <object> element contained within a sandboxed iframe, which can be exploited to bypass sandbox restrictions.
  4. A use-after-free error exists in the "nsEventListenerManager::HandleEventSubType()" function (nsEventListenerManager.cpp) and "nsNodeUtils::LastRelease()" method (nsNodeUtils.cpp).
  5. An error exists when inserting an ordered list into a document through script within the "nsGfxScrollFrameInner::IsLTR()" function.
  6. An error exists when pasting a selection with a middle-click, which can be exploited to disclose data saved to the clipboard.
  7. An error exists when validating extended validation (EV) certificates, which can lead to the validation of an EV-capable root certificate.
  8. A use-after-free error exists related to synthetic mouse movement in the "DispatchSynthMouseMove()" virtual method and "GetHoverGeneration()" function (RestyleManager.h), which can be exploited to corrupt heap-based memory.
  9. An error exists when generating GetElementIC typed array stubs outside observed typesets during JavaScript compilation.
  10. Two errors exist within a bundled vulnerable version of libjpeg.

Impact

  • Cross-Site Scripting
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Firefox versions prior to 26
  • Firefox ESR versions prior to 24.2
  • Thunderbird versions prior to 24.2
  • SeaMonkey versions prior to 2.23
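
A version check against the thresholds listed above, as an added example that is not part of the original advisory. It assumes a software inventory that records the release channel in the product name ("Firefox" versus "Firefox ESR"); the hostnames and versions in the sample are constructed.

```python
import re

# Fixed versions taken from the affected-versions list in this advisory.
FIXED = {
    "firefox": (26,),
    "firefox esr": (24, 2),
    "thunderbird": (24, 2),
    "seamonkey": (2, 23),
}


def parse_version(text):
    """Turn '24.1.1esr' or '2.22' into a tuple of ints; None if unparseable."""
    m = re.match(r"\s*(\d+(?:\.\d+)*)", text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None


def is_affected(product, version):
    """True if below the fixed version, False if fixed, None if it cannot be judged."""
    fixed = FIXED.get(product.strip().lower())
    parsed = parse_version(version)
    if fixed is None or parsed is None:
        return None
    # Pad with zeros so that 26, 26.0 and 26.0.0 compare as equal.
    width = max(len(fixed), len(parsed))
    return parsed + (0,) * (width - len(parsed)) < fixed + (0,) * (width - len(fixed))


def audit(inventory):
    """Return rows that are affected or could not be evaluated (never silently pass)."""
    labels = {True: "affected", None: "unknown"}
    return [(h, p, v, labels[s]) for h, p, v in inventory
            if (s := is_affected(p, v)) is not False]


# Constructed sample inventory: (host, product, version).
SAMPLE = [
    ("ws-01", "Firefox", "25.0.1"),
    ("ws-02", "Firefox", "26.0"),
    ("ws-03", "Firefox ESR", "24.1.1esr"),
    ("ws-04", "Firefox ESR", "24.2.0esr"),
    ("ws-05", "SeaMonkey", "2.22.1"),
    ("ws-06", "Thunderbird", "n/a"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row, sep="\t")
```

A 24.2 build is treated as fixed only when the inventory labels it as ESR; the same number on the regular Firefox channel is still below 26 and is reported as affected.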

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to a fixed version.

Vulnerability Identifier


Source


Related Link