The nine advisories cover vulnerabilities ranging from the ability to spoof pop-up windows to the possibility of remote execution of malicious code.
The vulnerability was rated 'critical', the highest of Mozilla's four threat levels.
The second 'critical' flaw addressed a group of non-specified updates which, if exploited, could lead to a memory corruption error that could then allow an attacker to access the targeted system and remotely execute code.
Mozilla also issued updates for a pair of 'high risk' flaws, including a vulnerability in the Java component which could allow an attacker to access arbitrary connection ports.
Another 'high risk' flaw could allow an attacker to spoof pop-up windows on the target system.
Other fixes are for a vulnerability that could allow for the spoofing of URL referrers, and a set of vulnerabilities which could allow for cross-site scripting.
Mozilla issues 'critical' Firefox fixes
By Shaun Nichols on Mar 29, 2008 11:01AM