We have confirmed a bug in Firefox 18.104.22.168 with DoS possibilities. When you download the source of the following page you will see what it does. It will open 100 mailforms, so be cautions when you open the link!
One way to mitigate this: set
“network.protocol-handler.warn-external.mailto’ to ‘true’ (its false by
default). This will show a popup dialog whenever a mailto link is
clicked (or opened in your case) instead of launching the mail
application right away. You still need to click the button 100 times,
but at least the system stays responsive.
Thanks to the guys at isc.sans.org for this workaround!
Update 2: Guys, this is a PoC, do you understand what it can do? Now it opens ~100 mailwindows, but what if it does a lot worse, just because the img xsrc= tag can be used to open allmost everything?