Mozilla Firefox is prone to a remote denial-of-service vulnerability.
Successful exploits can allow attackers to cause the browser to stop responding, thus denying service to legitimate users.
Vulnerable: Mozilla Firefox 3.0.10
14/12/2008 : Created bugzilla entry (security) with (the wrong) proof of concept file.
14/12/2008 : Attached the correct POC file (mea culpa) and a stack trace and details of memory corruption that repeatitly occured during testing the POC
24/12/2008 : firstname.lastname@example.org comments : "I can definitely confirm the denial of service aspect, and there’s a very minor memory leak (after 9 hours of CPU time memory use went from 60MB to 360MB). Haven’t been able to reproduce a crash."
27/05/2009 : The 4 month grace period  given is reached. Release of this advisory.