Multiple vulnerabilities that could allow an attacker to install malicious code or steal personal data have been discovered in the Mozilla Suite and the Firefox open source browser.
Details of the nine flaws were published on Mozilla's security Web site over the weekend.
Latter said another issue could allow malicious scripts to gain access to random pieces of memory.
"This random memory may or may not contain pieces of information about where you have been browsing. The worst-case scenario is that it could contain some personal or login information," said Latter.
According to the French Security Incident Response Team (FrSIRT), attackers can potentially run malicious code on a users' system because of a flaw in the Mozilla browser's pop-up blocker.
Another of the Firefox flaws can be exploited when a user visits a Web page that requires a plug-in that has not already been installed. The FrSIRT advisory claims that if the browser's Plug-in Finder Service is used to automatically find an appropriate plug-in, the 'manual install' function can be used to "launch arbitrary code capable of stealing local data or installing malicious code".
All versions of Mozilla Suite prior to version 1.7.7 and all versions of Firefox prior to 1.0.3 are vulnerable.
Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.