The host is installed with Mozilla Firefox before 18.0, Thunderbird before 17.0.2, SeaMonkey before 2.15, Thunderbird ESR, Firefox ESR 10.0.x before 10.0.12 or 17.x before 17.0.2 and is prone to buffer overflow vulnerability. A flaw is present in the applications, which fail to handle a crafted document. Successful exploitation allows remote attackers to execute arbitrary code.