Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop.
https://exchange.xforce.ibmcloud.com/vulnerabilities/42154
http://www.securityfocus.com/archive/1/491355/100/0/threaded
http://www.securityfocus.com/archive/1/491354/100/0/threaded
http://www.securityfocus.com/archive/1/491197/100/0/threaded
http://www.securityfocus.com/archive/1/491196/100/0/threaded