|Multiple unspecified vulnerabilities in Mozilla Firefox before
220.127.116.11 and 3.x before 3.0.2, Thunderbird before 18.104.22.168, and
SeaMonkey before 1.1.12 allow remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
misinterpretation of the characteristics of Namespace and QName in
jsxml.c, (2) misuse of signed integers in the nsEscapeCount function
with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed
function in nsJSNPRuntime.cpp.