Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.
lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html
lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html
lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html
lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html
lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html
lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html
secunia.com/advisories/37242
secunia.com/advisories/38770
secunia.com/advisories/38772
secunia.com/advisories/38847
secunia.com/secunia_research/2009-45/
www.debian.org/security/2010/dsa-1999
www.mandriva.com/security/advisories?name=MDVSA-2010:042
www.mandriva.com/security/advisories?name=MDVSA-2010:051
www.mozilla.org/security/announce/2010/mfsa2010-03.html
www.redhat.com/support/errata/RHSA-2010-0112.html
www.redhat.com/support/errata/RHSA-2010-0113.html
www.redhat.com/support/errata/RHSA-2010-0153.html
www.redhat.com/support/errata/RHSA-2010-0154.html
www.securityfocus.com/archive/1/509585/100/0/threaded
www.ubuntu.com/usn/USN-895-1
www.ubuntu.com/usn/USN-896-1
www.vupen.com/english/advisories/2010/0405
www.vupen.com/english/advisories/2010/0650
bugzilla.mozilla.org/show_bug.cgi?id=526500
exchange.xforce.ibmcloud.com/vulnerabilities/56361
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11227
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8615