Versions of SeaMonkey earlier than 2.23 are prone to the following vulnerabilities:
Miscellaneous memory safety hazards (CVE-2013-5609, CVE-2013-5610)
Potential XSS vulnerability via cross-domain inheritance of charset (CVE-2013-5612)
Sandbox restrictions are not properly applied to nested object elements, which could be leveraged to bypass restrictions (CVE-2013-5614)
Use-after-free in event listeners, table editing user interface, synthetic mouse movement can lead to a potentially exploitable crash (CVE-2013-5616, CVE-2013-5613, CVE-2013-5618)
Binary search algorithms in the Javascript engine are contain potential out-of-bounds array access, though these are not directly exploitable (CVE-2013-5619)
Segmentation violation when replacing ordered list elements in a document via script can lead to a potentially exploitable crash (CVE-2013-6671)
On Linux systems, clipboard content may be made accessible to web content when a user pastes a selection with a middle-click, which can lead to information disclosure (CVE-2013-6672)
Extended validation root certificates remain trusted even if the user has explicitly removes the trust. (CVE-2013-6673)
GetElementIC typed arrays can be generated outside observed typesets, with unknown security impact (CVE-2013-5615)
Issues in the JPEG image processing library can allow arbitrary memory to be read, as well as cross-domain theft (CVE-2013-6629, CVE-2013-6630)
An intermediary CA that is chained up to a root within Mozilla’s root store was revoked for supplying an intermediate certificate that allowed a man-in-the-middle proxy to perform traffic management of domain names and IP addresses the certificate holder did not own or control.
Binary data 8072.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5609
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5610
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5613
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5616
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5618
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6671
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6672
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6673
www.mozilla.org/security/announce/2013/mfsa2013-104.html
www.mozilla.org/security/announce/2013/mfsa2013-106.html
www.mozilla.org/security/announce/2013/mfsa2013-107.html
www.mozilla.org/security/announce/2013/mfsa2013-108.html
www.mozilla.org/security/announce/2013/mfsa2013-109.html
www.mozilla.org/security/announce/2013/mfsa2013-110.html
www.mozilla.org/security/announce/2013/mfsa2013-111.html
www.mozilla.org/security/announce/2013/mfsa2013-112.html
www.mozilla.org/security/announce/2013/mfsa2013-113.html
www.mozilla.org/security/announce/2013/mfsa2013-114.html
www.mozilla.org/security/announce/2013/mfsa2013-115.html
www.mozilla.org/security/announce/2013/mfsa2013-116.html
www.mozilla.org/security/announce/2013/mfsa2013-117.html