firefox is vulnerable to denial of service (DoS) attacks. The vulnerability exists as multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html
lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
lists.opensuse.org/opensuse-updates/2016-02/msg00101.html
lists.opensuse.org/opensuse-updates/2016-02/msg00105.html
rhn.redhat.com/errata/RHSA-2016-0071.html
rhn.redhat.com/errata/RHSA-2016-0258.html
www.debian.org/security/2016/dsa-3457
www.debian.org/security/2016/dsa-3491
www.mozilla.org/security/announce/2016/mfsa2016-01.html
www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
www.securityfocus.com/bid/81953
www.securitytracker.com/id/1034825
www.ubuntu.com/usn/USN-2880-1
www.ubuntu.com/usn/USN-2880-2
www.ubuntu.com/usn/USN-2904-1
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=1221385
bugzilla.mozilla.org/show_bug.cgi?id=1223670
bugzilla.mozilla.org/show_bug.cgi?id=1224200
bugzilla.mozilla.org/show_bug.cgi?id=1230483
bugzilla.mozilla.org/show_bug.cgi?id=1230639
bugzilla.mozilla.org/show_bug.cgi?id=1230668
bugzilla.mozilla.org/show_bug.cgi?id=1230686
bugzilla.mozilla.org/show_bug.cgi?id=1233152
bugzilla.mozilla.org/show_bug.cgi?id=1233346
bugzilla.mozilla.org/show_bug.cgi?id=1233925
bugzilla.mozilla.org/show_bug.cgi?id=1234280
bugzilla.mozilla.org/show_bug.cgi?id=1234571
rhn.redhat.com/errata/RHSA-2016-0071.html
security.gentoo.org/glsa/201605-06
www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/#firefoxesr38.6