Firefox 3.5.1 Released

Posted Jul 20, 2009

Mozilla released a minor update to FireFox 3.5. The update addresses a security vulnerability in TraceMonkey. TraceMonkey adds native compilation support to FireFox’s JavaScript engine. The vulnerability could possibly be exploited by an attacker to run code. Here is the text from the bug report.

Firefox user zbyte reported a crash that we determined could result in an exploitable memory corruption problem. In certain cases after a return from a native function, such as escape(), the Just-in-Time (JIT) compiler could get into a corrupt state. This could be exploited by an attacker to run arbitrary code such as installing malware.

FireFox 3.5.1 also addresses several stability and load issues.

All the release notes can be viewed here.