Mozilla Firefox Five Vulnerabilities

Report ID: SA200906318
Source: F-Secure
Date of Discovery: 16.12.2009
Criticality: Critical
Affects:
Mozilla Firefox 3.0.15

Compromise From: Unknown
Compromise Type: Spoofing
Privilege escalation

Summary

Five vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system.

Detailed Description

1) Stability bugs in the browser engine used in Firefox and Mozilla-based products. Crashes show evidence of memory corruption. Successful exploitation allows execution of arbitrary code.

2) Mozilla's NTLM implementation was vulnerable to reflection attacks. NTLM credentials from one application could be forwarded to another arbitrary application via the browser.

3) A page loaded over an insecure protocol will receive SSL indicators near the location bar, but will not have its page content modified.

4) A content window retains a reference via the window.opener property, which can be used to run arbitrary JavaScript code with chrome privileges.

5) GeckoActiveXObject exception messages can be used to enumerate COM objects and track browsing sessions.

Solution

Update to version 3.0.16

1) Disable JavaScript until fixes are installed
