Secunia

Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system.

1) An error when processing "file:" URIs can be exploited to execute arbitrary JavaScript code with chrome privileges by tricking a user into opening a malicious local file in a tab previously opened for a "chrome:" document or a privileged "about:" URI.

2) Various errors in the layout engine can be exploited to cause memory corruptions and potentially execute arbitrary code.

3) An error in the browser engine can be exploited to cause a crash.

For more information see vulnerability #5 in:
SA32693

4) An error in the JavaScript engine can be exploited to cause a memory corruption and potentially execute arbitrary code.

5) An error in the browser's restore feature can be exploited to violate the same-origin policy.

For more information see vulnerability #7 in:
SA32693

6) An error in the processing of the "http-index-format" MIME type can be exploited to execute arbitrary code.

For more information see vulnerability #8 in:
SA32693

7) An error in the DOM constructing code can be exploited to dereference uninitialized memory and potentially execute arbitrary code:

For more information see vulnerability #9 in:
SA32693

8) An error in "nsXMLHttpRequest::NotifyEventListeners()" can be exploited to bypass certain security restrictions.

For more information see vulnerability #10 in:
SA32693

9) An error can be exploited to manipulate signed JAR files and execute arbitrary JavaScript code in the context of another site.

For more information see vulnerability #11 in:
SA32693

10) An error exists when parsing E4X documents can be exploited to inject arbitrary XML code.

For more information see vulnerability #12 in:
SA32693

The vulnerabilities are reported in versions prior to 3.0.4.

Solution
Update to version 3.0.4.

Provided and/or discovered by
The vendor credits:
1) Luke Bryan
2) Jesse Ruderman and Martijn Wargers
3) Daniel Veditz
4) Joachim Kuebart
5) David Bloom and moz_bug_r_a4
6) Justin Schuh of IBM X-Force
7) ling and wushi of team509, reported via ZDI
8) moz_bug_r_a4
9) Collin Jackson
10) Chris Evans

Original Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-51.html
http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
http://www.mozilla.org/security/announce/2008/mfsa2008-53.html
http://www.mozilla.org/security/announce/2008/mfsa2008-54.html
http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
http://www.mozilla.org/security/announce/2008/mfsa2008-57.html
http://www.mozilla.org/security/announce/2008/mfsa2008-58.html

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area