Mozilla has released updates for three of its open-source applications, namely Firefox, Thunderbird, and SeaMonkey, which is a developer kit.

Bugs found in Thunderbird and now patched include an error in the handling of Script objects, and errors in the layout engine and memory corruption errors in the JavaScript engine, according to Secunia, the security analysts.

The vulnerabilities, Secunia wrote in an advisory, “can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a vulnerable system”.

Issues in version 1.5 of Firefox that are also addressed by the patch were labelled critical by two different security firms.

Mozilla has said that it will only support Firefox version 1.5 until October 2007, by which time it expects everyone to have upgraded to the recently-released version 2.0.

The company doesn’t release updates to its software as a monthly event as Microsoft does, but this is perhaps because it’s less targeted by hackers as fewer people use its software. It previously released a security patch in September.