Обнаружены множественные уязвимости в ветке 1.1.x MFSA 2009-22 Firefox allows Refresh header to redirect to javascript: URIs MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame MFSA 2009-19 Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI Официального исправления пока ещё не выпущено.
В 1.1.17 были исправлены следующие уязвимости: MFSA 2009-33 Crash viewing multipart/alternative message with text/enhanced part MFSA 2009-32 JavaScript chrome privilege escalation MFSA 2009-29 Arbitrary code execution using event listeners attached to an element whose owner document is null MFSA 2009-27 SSL tampering via non-200 responses to proxy CONNECT requests MFSA 2009-26 Arbitrary domain cookie access by local file: resources MFSA 2009-24 Crashes with evidence of memory corruption (rv:1.9.0.11) MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme Видимо, для seamonkey не все актуально.
Они актуальны для seamonkey, просто они не были исправлены.