Mozilla has released updates for its Firefox web browser and SeaMonkey application suite to address a critical JavaScript vulnerability caused by an earlier security fix.
The patches, released Tuesday, tackle flaws detected in Firefox versions 1.5.0.9 and 2.0.0.1, as well as SeaMonkey 1.0.7.
The company had issued an update in December to tackle a JavaScript bug in Firefox, SeaMonkey and the Thunderbird email client. However, that patch generated another vulnerability that could allow JavaScript code to execute arbitrary code on the user’s computer, according to a Mozilla security advisory.
The vulnerabilities can also be exploited to conduct cross-site scripting and spoofing attacks and gain knowledge of sensitive information, according to a Secunia advisory.
The open-source software company is urging users to download Firefox version 1.5.0.10 or 2.0.0.2 and SeaMonkey version 1.1.1 or 1.0.8.
Thunderbird is not affected by the latest vulnerability, according to Mozilla.
