Mozilla Products Multiple Vulnerabilities

Last Update Date: 3 Mar 2011 10:59

Release Date: 3 Mar 2011

RISK: High Risk

TYPE: Clients - Browsers

Multiple vulnerabilities have been identified in Mozilla Firefox, Thunderbird and SeaMonkey, which could be exploited by attackers to manipulate or disclose certain data, bypass security restrictions or compromise a vulnerable system.

  1. Due to memory corruption errors in the browser engine when parsing malformed data, which could be exploited by attackers to crash a vulnerable browser or execute arbitrary code.
  2. Due to an error when handling a recursive call to "eval()" wrapped in a try or catch statement, which could be exploited to force a user into accepting any dialog (e.g. to grant elevated privileges to a malicious web page).
  3. Due to a use-after-free error related to a method used by "JSON.stringify", which could allow attackers to execute arbitrary code.
  4. Due to a buffer overflow error related to the JavaScript engine's internal memory mapping of non-local JS variables, which could allow attackers to execute arbitrary code.
  5. Due to a buffer overflow error related to the JavaScript engine's internal memory mapping of string values, which could allow attackers to execute arbitrary code.
  6. Due to a use-after-free error related to Web Workers, which could allow attackers to execute arbitrary code.
  7. Due to a memory corruption error during text run construction, which could allow attackers to execute arbitrary code.
  8. Due to an error in the "ParanoidFragmentSink" class that allows "javascript:" URLs and inline JavaScript when the embedding document is a chrome document, which could allow code injection via an affected extension.
  9. Due to a buffer overflow error when decoding JPEG images, which could allow attackers to execute arbitrary code.
  10. Due to an error when plugin-initiated requests receive a 307 redirect response, which could allow cross-site request forgery attacks.

Impact

  • Cross-Site Scripting
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Mozilla Firefox versions prior to 3.6.14
  • Mozilla Firefox versions prior to 3.5.17
  • Mozilla Thunderbird versions prior to 3.1.8
  • Mozilla SeaMonkey versions prior to 2.0.12
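
One way to check version banners from a software inventory against the list above, as an added example that is not part of the original advisory. It assumes the two Firefox entries are one fixed release per maintained branch; the function names and the sample banners are constructed for illustration.

```python
import re

# Fixed releases from the advisory's affected-versions list. The two Firefox
# entries are read as one fixed release per maintained branch (assumption).
FIXED = {
    "firefox": [(3, 5, 17), (3, 6, 14)],
    "thunderbird": [(3, 1, 8)],
    "seamonkey": [(2, 0, 12)],
}

# Product name, then a space or slash, then a dotted version number.
_BANNER = re.compile(r"(firefox|thunderbird|seamonkey)[ /]+(\d+(?:\.\d+)*)", re.I)


def parse_version(text):
    """Turn '3.6.13' into (3, 6, 13), padded to at least three parts."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected(product, version):
    """True if `version` of `product` predates the fixed release for its branch."""
    fixes = FIXED[product.lower()]
    v = parse_version(version)
    for fix in fixes:
        if v[:2] == fix[:2]:  # same major.minor branch
            return v < fix
    # No fixed release on this branch: older branches stay affected,
    # newer ones are outside the advisory's scope.
    return v < max(fixes)


def check_banner(banner):
    """Return (product, version, affected) for a version banner, or None."""
    m = _BANNER.search(banner)
    if not m:
        return None
    product, version = m.group(1).lower(), m.group(2)
    return product, version, is_affected(product, version)


if __name__ == "__main__":
    # Constructed sample inventory lines, not real host data.
    for line in ["Mozilla Firefox 3.6.13", "Mozilla Firefox 3.5.17",
                 "Firefox/3.0.19", "Thunderbird 3.1.8", "Mozilla SeaMonkey 2.0.11"]:
        print(line, "->", check_banner(line))
```
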

Solutions

Before installing the software, please visit the software manufacturer's website for more details.


Vulnerability Identifier

  • No CVE information is available
