The Mozilla Foundation has released Firefox 3.6.13 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, spoof the location bar, or operate with elevated privileges. The Mozilla foundation has also released Firefox 3.5.16 to address these same vulnerabilities. Some of these vulnerabilities also affect Thunderbird and SeaMonkey and are addressed in Thunderbird 3.1.7 and 3.0.11 and SeaMonkey 2.0.11.
US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories released on December 9, 2010 and apply any necessary updates to help mitigate the risks.