Firefox 3.0.12 Fixes Five Critical Security Issues

Jul 23, 2009

Mozilla recommends its updated Firefox 3.0.12 version for its new 3.0 series in that it removes a few critical security issues.

The critical vulnerabilities resolved in Firefox 3.0.12 include those mentioned in Mozilla's Security Advisory: MFSA 2009-35 (Flash player crash and remote code execution), MFSA-2009-37 (ditto for the SVG element) and MFSA 2009-34 (memory corruption) that were vulnerable to attacks.

The MFSA 2009-37 vulnerability also affected the JavaScript-to-Chrome interface under conditions. A further MFSA 2009-36 caused heap/integer overflows in the font glyph rendering libraries. A high, if not critical, vulnerability resolved was MFSA 2009-40 involving cross-site scripting (XSS).

Further changes are described in the 3.0.12 release notes. The Mozilla site includes the fully localized downloads. The update also works with the browser's built-in update feature and Linux distro package managers.

Related content


  • New 3.0 series?

    Firefox 3.5 is new, 3.0 not so much.
comments powered by Disqus