Firefox has been updated to version 3.5.6 and has fixed several security and stability issues. Security advisories on each bug label three of the seven major bugs as critical, one as high, and two as moderate, with the remaining bug fix having no security designation.
- MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
- MFSA 2009-70 Privilege escalation via chrome window.opener
- MFSA 2009-69 Location bar spoofing vulnerabilities
- MFSA 2009-68 NTLM reflection vulnerability
- MFSA 2009-67 Integer overflow, crash in libtheora video library
- MFSA 2009-66 Memory safety fixes in liboggplay media library
- MFSA 2009-65 Crashes with evidence of memory corruption (rv:220.127.116.11/ 18.104.22.168)