Firefox crash in proxy auto-configuration regexp parsing

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime...

Crash in proxy auto-configuration regexp parsing — Mozilla

Security researcher Marco C. reported a flaw in the parsing of regular expressions used in Proxy Auto-configuration PAC files. In certain cases this flaw could be used by an attacker to crash a victim's browser and run arbitrary code on their computer. Since this vulnerability requires the victim...

security flaw

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

security flaw

Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...