Mandriva Linux Security Advisory 2009-185 - Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.0.x. These findings relate to cross site scripting and code execution issues.
e64f2949cd6e719f09fc85e49d34aeb30bdcac70bb5473d8283aa421066ff23c
Debian Security Advisory 1820-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
7b5d3b0a439f9bf630e0430301b87524237426c51c21e9ac498ad7d2f0f32c39
Mandriva Linux Security Advisory 2009-134 - Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.x. These range from race conditions to various denial of service issues.
603045791d04fc6b8c4abb223f0ad8a26e934c272c766d581768ddaed03f47ce
Ubuntu Security Notice USN-779-1 - Several flaws were discovered in the browser and JavaScript engines of Firefox. Pavel Cvrcek discovered that Firefox would sometimes display certain invalid Unicode characters as whitespace. Gregory Fleischer, Adam Barth and Collin Jackson discovered that Firefox would allow access to local files from resources loaded via the file: protocol. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Firefox did not properly handle error responses when connecting to a proxy server. Wladimir Palant discovered Firefox did not check content-loading policies when loading external script files into XUL documents. It was discovered that Firefox could be made to run scripts with elevated privileges.
4b1fdb412e2b54dca514e5aa57046f7901ab30c8d647f187151e3f4ccaf6738c
Secunia Research has discovered a vulnerability in Firefox, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a race condition when accessing the private data of an NPObject JS wrapper class object if navigating away from a web page while loading a Java applet. This can be exploited via a specially crafted web page to use already freed memory. Successful exploitation may allow execution of arbitrary code. Firefox versions 3.0.7, 3.0.8, and 3.0.9 for Windows with JRE 6 Update 13 are affected.
59a414dd2e58d6c33945c4e0a4203f55a583994a9ddb89946f7965278edcebe0