The Mozilla Foundation has released <A HREF="http://www.eweek.com/article2/0,1895,2140453,00.asp?kc=EWKNLBOE060207STR2">security updates to fix multiple flaws</A> that could result in system hijacking in its open-source Firefox browser, Thunderbird email client and SeaMonkey Internet applications suite.
The bugs, deemed critical, are detailed in Mozilla's Security Advisory 2007-12. They include multiple vulnerabilities in Mozilla's Layout Engine and in its JavaScript engine that can result in memory corruption and lead to system takeover or DoS (denial of service). The function of a layout engine is to handle content such as HTML, XML, image files and applets as well as formatting information including CSS (Cascading Style Sheets) and presentational HTML tags. The layout engine displays the formatted content on-screen, filling in the browser's content area.