In the current Firefox version 3.6.13 there are several changes that improve both the stability and the security of the browser. In total there were 11 security-related updates.
- Incomplete fix for CVE-2010-0179
- Integer overflow vulnerability in NewIdArray
- Use-after-free error with nsDOMAttribute MutationObserver
- Java security bypass from LiveConnect loaded via data: URL meta refresh
- Add support for OTS font sanitizer
- Crash and remote code execution using HTML tags inside a XUL tree
- Chrome privilege escalation with window.open and ISINDEX element
- Buffer overflow while line breaking after document.write with long string
- Miscellaneous memory safety hazards
- Location bar SSL spoofing using network error page
- XSS hazard in multiple character encodings
