A vulnerability has been reported in multiple Mozilla products.
Mozilla Firefox 10.x
Mozilla SeaMonkey 2.x
Mozilla Thunderbird 10.x
A vulnerability has been reported in multiple Mozilla products, which can be exploited by malicious people to compromise a user's system.
A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
The vulnerability is caused due to a use-after-free error in the "nsXBLDocumentInfo::ReadPrototypeBindings()" method when handling XBL bindings in a hash table and can be exploited to cause a cycle collector to call an invalid virtual function.
Remote system access
Update Firefox and Thunderbird to version 10.0.1 and SeaMonkey to version 2.7.1.