The host is installed with Mozilla Firefox before 44.0 or Mozilla Thunderbird 38.x before 38.6 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle vectors related to uninitialized memory encountered during brotli data compression. Successful exploitation allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code.