SeaMonkey has spoofable SSL Indicator. A flaw was found in the way SeaMonkey displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page.
secunia.com/advisories/37699
secunia.com/advisories/37703
secunia.com/advisories/37704
secunia.com/advisories/37785
secunia.com/advisories/37813
secunia.com/advisories/37856
secunia.com/advisories/37881
securitytracker.com/id?1023342
securitytracker.com/id?1023343
www.debian.org/security/2009/dsa-1956
www.mozilla.org/security/announce/2009/mfsa2009-69.html
www.novell.com/linux/security/advisories/2009_63_firefox.html
www.redhat.com/security/updates/classification/#critical
www.securityfocus.com/bid/37349
www.securityfocus.com/bid/37367
www.ubuntu.com/usn/USN-873-1
www.ubuntu.com/usn/USN-874-1
www.vupen.com/english/advisories/2009/3547
access.redhat.com/errata/RHSA-2009:1673
bugzilla.mozilla.org/show_bug.cgi?id=521461
bugzilla.redhat.com/show_bug.cgi?id=546722
exchange.xforce.ibmcloud.com/vulnerabilities/54806
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8379
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9791
rhn.redhat.com/errata/RHSA-2009-1673.html
rhn.redhat.com/errata/RHSA-2009-1674.html
www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html
www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html
www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html