The Mozilla Foundation has released updates to address multiple vulnerabilities. These vulnerabilities could allow an attacker to initiate a cross-site scripting attack or obtain sensitive information, enable privilege escalation or execute arbitrary code, or cause a denial-of-service condition.
Updates to the following products are available:
- Firefox 20
- Firefox ESR 17.0.5
- Thunderbird 17.0.5
- Thunderbird ESR 17.0.5
- SeaMonkey 2.17
US-CERT encourages users and administrators to review the Mozilla Foundation Advisories for Firefox 20, Firefox ESR 17.0.5, Thunderbird 17.0.5, Thunderbird ESR 17.0.5, and SeaMonkey 2.17 and apply any necessary updates to help mitigate the risk.