Several heap buffer overflows were discovered and fixed in the most recent versions of Mozilla, Firefox, and Thunderbird. These overflows may occur when:
Using the "Send Page" function. Checking mail on a malicious POP3 server. Processing non-ASCII URLs.
Each of these vulnerabilities may be exploited for remote code execution.