Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method.
blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox
lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html
lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html
secunia.com/advisories/42867
support.avaya.com/css/P8/documents/100120156
www.debian.org/security/2010/dsa-2124
www.mandriva.com/security/advisories?name=MDVSA-2010:210
www.mandriva.com/security/advisories?name=MDVSA-2010:211
www.mozilla.org/security/announce/2010/mfsa2010-65.html
www.redhat.com/support/errata/RHSA-2010-0782.html
www.redhat.com/support/errata/RHSA-2010-0861.html
www.redhat.com/support/errata/RHSA-2010-0896.html
www.ubuntu.com/usn/USN-997-1
www.ubuntu.com/usn/USN-998-1
www.vupen.com/english/advisories/2011/0061
bugzilla.mozilla.org/show_bug.cgi?id=583077
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11675