Mozilla Thunderbird/SeaMonkey/Firefox Multiple Remote Vulnerabilities
Some of the vulnerabilities described in this BID do not require exploits.
Proof-of-concept exploits are available in the Mozilla Bugzilla database, but are not currently available to the general public.
Update: It has been revealed that Firefox 18.104.22.168 is still vulnerable to the issue outlined in MFSA 2007-02. Pages followed through 'href' links and embedded iframes inherit the character set of parent pages when a user has manually set the browser charset.
A proof of concept is available at the following URI.