Mozilla discovered several bugs in liboggplay which posed potential memory safety issues. The bugs which were fixed could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer.
Audio and Video capabilities were added to the Mozilla browser engine in Firefox 3.5, SeaMonkey 2.0, and Thunderbird 3.0; prior releases of these products were not affected.
David Keeler and Bob Clary reported crashes in liboggplay.