The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities.
- Firefox 26
- Firefox ESR 24.2
- Thunderbird 24.2
- SeaMonkey 2.23
These vulnerabilities could allow a remote attacker to bypass intended security restrictions, conduct a spoofing attack, execute arbitrary code, or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the Mozilla Foundation Advisory for Firefox 26, Firefox ESR 24.2, Thunderbird 24.2, and SeaMonkey 2.23 and apply any necessary updates to help mitigate the risk.