Mozilla has released Firefox 3.0.1 to address three vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. One of these vulnerabilities may also affect Thunderbird and SeaMonkey. Two of these vulnerabilities were previously fixed in Firefox 18.104.22.168 as well; please see the US-CERT Current Activity entry Mozilla Releases Firefox 22.214.171.124 for additional information.
US-CERT encourages users to review the following Mozilla Foundation Security Advisories and upgrade to Firefox 3.0.1 or implement the workarounds provided in the documents to help mitigate the risks:
- MFSA 2008-34 : Remote code execution by overflowing CSS reference counter
- MFSA 2008-35 : Command-line URLs launch multiple tabs when Firefox not running
- MFSA 2008-36 : Crash with malformed GIF file on Mac OS X
Related Posts: On this day...
- 650+ hp Ariel Atom - 2011
- RIM CEOs: Apple's attempt to draw RIM into self-made debacle is unacceptable - 2010
- Solar eclipse at Easter Island - 2010
- Amazon zaps purchased copies of Orwell's 1984 and Animal Farm from Kindles - 2009
- The next generation of CAPTCHA - 2008
- If you've used a telephone in the last 5 years... - 2008