Firefox 3.0.9 Released

April 21, 2009 – 8:31 PM


Firefox 3.0.9 fixes several security issues found in Firefox 3.0.8:

  • Firefox allows Refresh header to redirect to javascript: URIs
  • POST data sent to wrong site when saving web page with embedded frame
  • Malicious search plugins can inject code into arbitrary sites
  • Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
  • XSS hazard using third-party stylesheets and XBL bindings
  • Same-origin violations when Adobe Flash loaded via view-source: scheme
  • jar: scheme ignores the content-disposition: header on the inner URI
  • URL spoofing with box drawing character
  • Crashes with evidence of memory corruption (rv:

Run a Check for Updates from the Help menu, or you can always get the latest version here:

You must be logged in to post a comment.