<em style='font-weight:bold;'>(Description Provided by <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-3664" target="_blank">CVE</a>)</em> : Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site.

Upgrade to Firefox and Thunderbird to version 9.0 or higher, and SeaMonkey to version 2.6 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• Security Tracker: 1026445 1026446 1026447
• OVAL ID: 14574
• CVE ID: 2011-3664 (see also: NVD)
• Secunia Advisory ID: 47302 47334
• Related OSVDB ID: 77951 77952 77953 77954 77956
• Vendor Specific News/Changelog Entry: http://www.mozilla.org/security/announce/2011/mfsa2011-57.html
  https://bugzilla.mozilla.org/show_bug.cgi?id=649079 [ Auth Req'd ]

Unknown or Incomplete