The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities.
- Firefox 22.0
- Firefox ESR 17.0.7
- Thunderbird 17.0.7
- Thunderbird ESR 17.0.7
These vulnerabilities could allow a remote attacker to execute arbitrary code and potentially cause a cross-site scripting attack, domain spoofing, denial-of-service condition, local privilege escalation, and information disclosure.
US-CERT encourages users and administrators to review the Mozilla Foundation Advisory for Firefox 22.0, Firefox ESR 17.0.7, Thunderbird 17.0.7, and Thunderbird ESR 17.0.7 and apply any necessary updates to help mitigate the risk.