Mozilla patched multiple vulnerabilities in Firefox, Thunderbird and SeaMonkey. In Firefox 8 holes were patched, including 5 „critical“. There was also a vulnerability that can be exploited via crafted XSLT stylesheets. Other critical vulnerability can be exploited to crash memory subsystem when processing Ogg Vorbis files. There is also a vulnerability in XPCconnect that allows to bypass security checks. All flaws can be exploited to execute arbitrary code onto victim’s computer.
Two „high“ vulnerabilities, that allowed to steal information and bypass security policy, were patched also.
The same flaws were fixed in SeaMonkey and Thunderbird.
Users should install latest versions of the software.

Source: SC Magazine
02.02.2012