“Critical: Highly critical Impact: Cross Site Scripting, Manipulation of data, Exposure of sensitive information, System access Where: From remote Solution Status: Vendor Patch

Software: Mozilla 0.x, Mozilla 1.0, Mozilla 1.1, Mozilla 1.2, Mozilla 1.3, Mozilla 1.4, Mozilla 1.5, Mozilla 1.6, Mozilla 1.7.x, Mozilla Firefox 0.x, Mozilla Thunderbird 0.x

Details have been released about several vulnerabilities in Mozilla, Mozilla Firefox, and Thunderbird. These can potentially be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user’s system….

Successful exploitation can lead to execution of arbitrary code.

These vulnerabilities reportedly affect versions prior to the following: - Mozilla 1.7.3 - Firefox 1.0PR - Thunderbird 0.8

Solution: The vulnerabilities have reportedly been fixed in: - Mozilla 1.7.3 - Firefox 1.0PR - Thunderbird 0.8″