The Mozilla Foundation addressed several critical security flaws Wednesday with the release of new versions of its Firefox Web browser, Thunderbird email client and SeaMonkey all-in-one Internet application suite.
Of the 13 flaws addressed, eight have been deemed critical and could be used to conduct cross-site scripting attacks or compromise an end-user's system.
In a posting on its Web site, Danish vulnerability clearinghouse Secunia called the security flaws "highly critical."
Several of the vulnerabilities were reported by H.D. Moore, who has received publicity for his "Month of Vulnerabilities." Moore has published a new browser vulnerability each day this month in an effort to create awareness about the types of bugs that plague modern browsers and the techniques used to discover them.
Mozilla detailed each of the flaws as follows:
All the security issues are mitigated when organizations upgrade to Firefox 220.127.116.11, Thunderbird 18.104.22.168 and SeaMonkey 1.0.3, respectively.