Firefox 3.0.9 – Mozilla’s third update to fix 12 security vulnerabilities
According to a security advisory posted by Mozilla on Tuesday, the recently-released third update of Firefox 3 - Firefox 3.0.9 - patches as many as 12 security vulnerabilities, four of which can be termed 'critical'.
So far as general bugs are concerned, Firefox 3.0.9 - weighing 17.2 MB, and available for Mac OS X, Windows, and Linux - fixes problems such as long time taken to submit big forms; non-display of inline image attachments in webmail services, and the loss of cookies.
Out of the critical security bugs fixed, one deals with the crashes resulting from memory corruption which, in the opinion of the developers, could have been used someday to run arbitrary code. Among the two other high-profile bugs include ones involving a misinterpretation of a particular Adobe Flash code susceptible of being exploited; and another involving URI mismatch that also could also bring about arbitrary JavaScript executions.
About the release of the update - prior to the launch of Mozilla's fourth beta test of Firefox 3.5 - the security advisory post said: "Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort, at least some of these could be exploited to run arbitrary code."