Mozilla has released an update for its Firefox browser. The new version, called Firefox 2.0.0.12  fixes 10 security issues, which are described in an advisory posted on the company’s website.

Amongst them are three critical vulnerabilities and one rated as high.

The first Security Advisory fixed several stability bugs in the browser engine used in Firefox 2.0.0.12 and other Mozilla-based products.

“Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code”, said Mozilla in a note posted on the website.

Mozilla Foundation Security Advisory 2008-03 fixed a series of vulnerabilities which allow scripts from page content to escape from its sandboxed context and/or run with chrome privileges, while Security Advisory 2008-06 has solved a vulnerability in the way images are treated by the browser when a user leaves a page which utilizes designMode frames. The reported issue can be used to steal a user's navigation history, forward navigation information, and crash the user's browser. The crash showed evidence of memory corruption and might be exploitable to run arbitrary code.

According to Mozilla’s rating system, a vulnerability is classified as “critical” even when it's not certain that an exploit could result in an attacker introducing malicious code.

Firefox 2.0.0.12 fixed also a design error related to timer-enabled dialogs can be exploited to trick a user into unintentionally confirming a security dialog. Firefox 2.0.0.12 can be downloaded from here.

For the next week, Mozilla plans to release the third beta of its next version, Firefox 3.0. Firefox 3.0 will bring several improvements, which include new security features and tools, several back-end platform enhancements and a redesign of the bookmarking and browser history.