Home arrow US-CERT Computer Emergency Readiness Team arrow Mozilla Releases Firefox 3.0.1

Mozilla Releases Firefox 3.0.1

Mozilla has released Firefox 3.0.1Firefox 3.0.1 to address three vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. One of these vulnerabilities may also affect Thunderbird and SeaMonkey. Two of these vulnerabilities were previously fixed in Firefox 2.0.0.16Firefox 2.0.0.16 as well; please see the US-CERT Current Activity entry Mozilla Releases Firefox 2.0.0.16Mozilla Releases Firefox 2.0.0.16 for additional information.

US-CERT encourages users to review the following Mozilla Foundation Security Advisories and upgrade to Firefox 3.0.1Firefox 3.0.1 or implement the workarounds provided in the documents to help mitigate the risks:

  • MFSA 2008-34MFSA 2008-34 : Remote code execution by overflowing CSS reference counter
  • MFSA 2008-35MFSA 2008-35 : Command-line URLs launch multiple tabs when Firefox not running
  • MFSA 2008-36MFSA 2008-36 : Crash with malformed GIF file on Mac OS X

Read more: US-CERT Current Activity