Mozilla released six security advisories on Wednesday for flaws in its Firefox, SeaMonkey and Thunderbird programs.The most serious of the vulnerabilities is a "critical" flaw in Firefox, Thunderbird and SeaMonkey that can allow crashes if exploited. Mozilla’s investigators have presumed the flaw to allow arbitrary code, according to an advisory.
All disclosed flaws were fixed in Firefox versions 220.127.116.11 and 18.104.22.168, Thunderbird 22.214.171.124 and 126.96.36.199 and SeaMonkey 1.0.9 and 1.1.2.
The Californian organisation also fixed a "moderate" security vulnerability in Thunderbird and SeaMonkey APOP Authentication, as well as three "low" impact vulnerabilities in XUL Popup Spoofing, cookie handling and form autocomplete.
Many of the third-parties who provide the extensions, such as Yahoo, Google and Facebook, have been notified of the bug but have yet to provide a patch.
Mozilla patched three flaws in two March releases.
A Mozilla representative could not immediately be reached for comment today.