firefox is vulnerable to denial of service (DoS) attacks. The vulnerability exists through multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
rhn.redhat.com/errata/RHSA-2015-1586.html
rhn.redhat.com/errata/RHSA-2015-1682.html
www.debian.org/security/2015/dsa-3333
www.debian.org/security/2015/dsa-3410
www.mozilla.org/security/announce/2015/mfsa2015-79.html
www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
www.securitytracker.com/id/1033247
www.securitytracker.com/id/1033372
www.ubuntu.com/usn/USN-2702-1
www.ubuntu.com/usn/USN-2702-2
www.ubuntu.com/usn/USN-2702-3
www.ubuntu.com/usn/USN-2712-1
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=1146213
bugzilla.mozilla.org/show_bug.cgi?id=1178890
bugzilla.mozilla.org/show_bug.cgi?id=1182711
rhn.redhat.com/errata/RHSA-2015-1586.html
security.gentoo.org/glsa/201605-06
www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.2