The host is installed with Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Mozilla Thunderbird before 3.0.11 and 3.1.x before 3.1.7, or Mozilla SeaMonkey before 2.0.11 and is prone to buffer overflow vulnerability. A flaw is present in the string handling, which causes overflow in line breaking routines attempting to process the string for display, when document.write() is called with a very long string. Successful exploitation could allow attackers to trigger an invalid read past the end of an array causing a crash which can be potentially used to run arbitrary code on a victim's computer.