Firefox 3.0.2 Released

Firefox 3.0.2 was released today. The release notes are available here.

It addresses 5 security vulnerabilities:

  • MFSA-2008-40 - forced mouse drag
  • MFSA-2008-41 - Privilege escalation via XPCnativeWrapper pollution
  • MFSA-2008-42 - Crashes with evidence of memory corruption (rv:
  • MFSA-2008-43 - BOM characters stripped from JavaScript before execution
  • MFSA-2008-44 - resource: traversal vulnerabilities

Mozilla considers the impact of the -41 and -42 issues to be critical, the -43 and -44 issues to be moderate and the -40 issue to be low.

David Goldsmith
SANS / ISC Handler


78 Posts
Sep 24th 2008

Sign Up for Free or Log In to start participating in the conversation!