If you are still using FireFox version 2, then you need to update this version as well, since the latest release of this version includes 14 patches. A number of patches in version 2 are exclusive to this specific version.
Frankly, if you are still using version 2 you need to take the plunge and update to version 3 now. There is no guarantee that Mozilla will continue to offer support for version 2.
The latest FireFox security advisory lists the following vulnerabilities as having been patched.
MFSA 2008-42: Critical
Titled “Crashes with evidence of memory corruption (rv:184.108.40.206/220.127.116.11)”–Mozilla says under certain circumstances memory corruption could be exploited to run arbitrary code.
MFSA 2008-41: Critical
Titled “Privilege escalation via XPCnativeWrapper pollution”–Mozilla says this fix includes “a series of vulnerabilities which can pollute XPCNativeWrappers and allow arbitrary code run with chrome privileges.”
MFSA 2008-39: Critical
Titled “Privilege escalation using feed preview page and XSS flaw”–Mozilla says this fixes “a series of vulnerabilities in feedWriter which allow scripts from page content to run with chrome privileges.”
MFSA 2008-37: Critical
Titled “UTF-8 URL stack buffer overflow”–Mozilla says “a specially crafted UTF-8 URL in a hyperlink…could overflow a stack buffer and allow an attacker to execute arbitrary code.
MFSA 2008-38: High
MFSA 2008-43: Moderate
MFSA 2008-44: Moderate
Titled “resource: traversal vulnerabilities”–Mozilla says the restrictions imposed on local HTML files could be bypassed using the resource: protocol, allowing an attacker to read information about the system and prompt the victim to save the information in a file.
MFSA 2008-40: Low
Titled “Forced mouse drag”–Mozilla says the vulnerability allows an attacker to move the content window while the mouse is being clicked, causing an item to be dragged rather than clicked-on possibly forcing a user to download a file or perform other drag-and-drop actions.
MFSA 2008-45: Low
Titled “XBM image uninitialized memory reading”–Mozilla says a bug in the XBM decoder allowed random small chunks of uninitialized memory to be read.
It is highly recommended that you update immediately on the Mozilla site, or by clicking on Help – Check for Updates in FireFox.