A null pointer dereference in the content layout component of Firefox allows an attacker to crash the browser when a user navigates to a malicious page.
If a user browses to a malicious page that takes advantage of this vulnerability, the browser will crash. A feature in Firefox called Session Restore will restore the browser session when Firefox is restarted and will likely save user typed content in text areas as well. This feature is designed to save users’ work in the event of a crash or browser restart.
This issue is currently under investigation. Mozilla has assigned this bug an initial severity rating of low because of the minimal security risk to users.
Radware reported this issue to Mozilla.