The Firefox 1.5.0.3 update is designed to address vulnerabilities in versions 1.5 through 1.5.0.2.
Malicious attackers could exploit the flaws to cause a denial-of-service attack, which in turn may allow them to take remote control of a user's system, according to an alert from security research company Secunia, which rates the flaw as "highly critical."
The flaws may be exploited when people attempt to engage a deleted component with designMode turned on. While this typically will crash the browser, it could also result in an attacker running malicious code, according to a Mozilla security advisory.
Mozilla, which oversees the development of the Firefox browser, said it released the 1.5.0.3 version early to tackle the security issue. As a result, plans for a larger update will be bumped to version 1.8.0.4.
The latest security release follows one issued in mid-April. The 1.5.0.2 version was designed to address seven vulnerabilities, five of which were "critical" and could allow a malicious attacker to run code with virtually no user interaction.
