The Mozilla Foundation has released Firefox 3.6.14 and Firefox 3.5.17 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site request forgery attacks, cause a denial-of-service condition, or operate with elevated privileges.
Some of these vulnerabilities also affect Thunderbird and SeaMonkey. The Mozilla Foundation has released Thunderbird 3.1.8 and SeaMonkey 2.0.12 to address these vulnerabilities.
US-CERT encourages users and administrators to review the Mozilla Foundation security advisories for Firefox 3.6.14 and apply any necessary updates to help mitigate the risks.
This product is provided subject to this Notification and this Privacy & Use policy.