Linux distributor Debian issued a security advisory over the weekend, warning of several problems in Mozilla and associated products such as Mozilla Firefox.
The vulnerabilities include bugs in the layout engine which could allow a denial of service attack and the execution of arbitrary code.
Vulnerabilities in the JavaScript engine could allow the same attacks, and a 'shutdown' flaw could allow remote attackers to gain privileges and install malicious code via the watch JavaScript function.
For the stable distribution of Debian, known as 'sarge', these problems have been fixed in version 1.0.4-2sarge15.
http://www.linuxlinks.com/portal/news/article.php?story=20070129092134243