Firefox: Version 3.0.11 fixes several security vulnerabilities
The latest version 3.0.11 of Mozilla's Firefox is now available for download and fixes some security holes.
Mozilla publishes Firefox in version 3.0.11 and has fixed nine security vulnerabilities in total. Four were classified as critical and one as high.
One problem report summarizes three vulnerabilities that could cause a browser crash - even malicious code could be introduced so that they were classified as critical. Critical as well is the so-called race condition while deleting Java objects which would allow attackers to run malicious code. If applicable, Firefox could run Java Script Event Handler in a wrong context, for example with Chrome rights, which means the GUI of the browser.
The security hole classified as high affects SSL encryption and proxy servers. Here the attacker could run SSL secured websites with the aid of prepared proxy answers including malicious Java scripts.
New versions of Seamonkey and Thunderbird will follow since they are affected by those security problems as well. Details about current and past security issues can be found in the Security Advisories for Firefox 3.0.