coopster - 2:44 pm on Apr 17, 2008 (gmt 0) However, Mozilla states [mozilla.org] that Either way, get your patch.
US-CERT states that
Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. This is being fixed primarily to address stability concerns. We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past.
However, Mozilla states [mozilla.org] that
Either way, get your patch.