The Mozilla Foundation has released Firefox 3.6.9 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, leverage cross-site scripting attacks, or cause a denial-of-service condition. The Mozilla Foundation has also released Firefox 3.5.12 to address these same vulnerabilities. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.
US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories released on September 7, 2010 and apply any necessary updates to help mitigate the risks.