Lookup for vulnerable packages by Package URL.

Purl pkg:mozilla/Firefox%20ESR@17.0.3
Type mozilla
Namespace
Name Firefox ESR
Version 17.0.3
Qualifiers
Subpath
Is_vulnerable false
Next_non_vulnerable_version 17.0.4
Latest_non_vulnerable_version 140.11.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-28dv-1huw-suav
vulnerability_id VCID-28dv-1huw-suav
summary
Google security researcher Michal Zalewski reported an issue
where the browser displayed the content of a proxy's 407 response if a user
canceled the proxy's authentication prompt. In this circumstance, the addressbar
will continue to show the requested site's address, including HTTPS addresses
that appear to be secure. This spoofing of addresses can be used for phishing
attacks by fooling users into entering credentials, for example.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but are
potentially a risk in browser or browser-like contexts in those products.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0776
reference_id CVE-2013-0776
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0776
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-27
reference_id mfsa2013-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-27
fixed_packages
0
url pkg:mozilla/Firefox%20ESR@17.0.3
purl pkg:mozilla/Firefox%20ESR@17.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.3
aliases CVE-2013-0776
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-28dv-1huw-suav
1
url VCID-5vx2-bbg6-dqc7
vulnerability_id VCID-5vx2-bbg6-dqc7
summary
Mozilla developers identified and fixed several memory safety bugs in the
browser engine used in Firefox and other Mozilla-based products. Some of these
bugs showed evidence of memory corruption under certain circumstances, and we
presume that with enough effort at least some of these could be exploited to run
arbitrary code.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but are
potentially a risk in browser or browser-like contexts in those products.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0783
reference_id CVE-2013-0783
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0783
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-21
reference_id mfsa2013-21
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-21
fixed_packages
0
url pkg:mozilla/Firefox%20ESR@17.0.3
purl pkg:mozilla/Firefox%20ESR@17.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.3
aliases CVE-2013-0783
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5vx2-bbg6-dqc7
2
url VCID-61wu-gztf-9kcw
vulnerability_id VCID-61wu-gztf-9kcw
summary
Security researcher Abhishek Arya (Inferno) of the Google
Chrome Security Team used the Address Sanitizer tool to discover a series of
use-after-free, out of bounds read, and buffer overflow problems rated as low to
critical security issues in shipped software. Some of these issues are
potentially exploitable, allowing for remote code execution. We would also like
to thank Abhishek for reporting four additional use-after-free and out of bounds
write flaws introduced during Firefox development that were fixed before general
release. 
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but are
potentially a risk in browser or browser-like contexts in those products.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0780
reference_id CVE-2013-0780
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0780
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-28
reference_id mfsa2013-28
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-28
fixed_packages
0
url pkg:mozilla/Firefox%20ESR@17.0.3
purl pkg:mozilla/Firefox%20ESR@17.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.3
aliases CVE-2013-0780
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-61wu-gztf-9kcw
3
url VCID-aper-acm9-6qf8
vulnerability_id VCID-aper-acm9-6qf8
summary
Mozilla security researcher Frederik Braun discovered that
since Firefox 15 the file system location of the active browser profile was
available to JavaScript workers. While not dangerous by itself, this could
potentially be combined with other vulnerabilities to target the profile in an
attack.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but are
potentially a risk in browser or browser-like contexts in those products.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0774
reference_id CVE-2013-0774
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0774
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-25
reference_id mfsa2013-25
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-25
fixed_packages
0
url pkg:mozilla/Firefox%20ESR@17.0.3
purl pkg:mozilla/Firefox%20ESR@17.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.3
aliases CVE-2013-0774
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aper-acm9-6qf8
4
url VCID-p443-392w-cbgu
vulnerability_id VCID-p443-392w-cbgu
summary
Mozilla developer Bobby Holley discovered that it was
possible to bypass some protections in Chrome Object Wrappers (COW) and System
Only Wrappers (SOW), making their prototypes mutable by web content. This could
be used to leak information from chrome objects and possibly allow for arbitrary
code execution.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but are
potentially a risk in browser or browser-like contexts in those products.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0773
reference_id CVE-2013-0773
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0773
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-24
reference_id mfsa2013-24
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-24
fixed_packages
0
url pkg:mozilla/Firefox%20ESR@17.0.3
purl pkg:mozilla/Firefox%20ESR@17.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.3
aliases CVE-2013-0773
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p443-392w-cbgu
5
url VCID-rr13-9bgc-77g1
vulnerability_id VCID-rr13-9bgc-77g1
summary
Security researcher Nils reported a use-after-free in
nsImageLoadingContent when content script is executed. This could
allow for arbitrary code execution.
In general these flaws cannot be exploited through email in the
Thunderbird and SeaMonkey products because scripting is disabled, but are
potentially a risk in browser or browser-like contexts in those products.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0775
reference_id CVE-2013-0775
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0775
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2013-26
reference_id mfsa2013-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2013-26
fixed_packages
0
url pkg:mozilla/Firefox%20ESR@17.0.3
purl pkg:mozilla/Firefox%20ESR@17.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.3
aliases CVE-2013-0775
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rr13-9bgc-77g1
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@17.0.3