Mozilla has released Security Advisory 2009-42 and Security Advisory 2009-43 to address multiple vulnerabilities in Firefox. The vulnerability described in Security Advisory 2009-42 may allow an attacker to intercept and modify encrypted communication. The vulnerability described in Security Advisory 2009-43 may allow an attacker to execute arbitrary code by sending a specially crafted certificate to the client.

US-CERT encourages users to review Mozilla Foundation Security Advisories 2009-42 and 2009-43 and apply any necessary updates or workarounds to help mitigate the risks.

US-CERT will provide more information as it becomes available.

Read more: US-CERT Current Activity