Thursday, July 19, 2007

Security Issues fixed in new Firefox 2.0.0.5


Mozilla developers fixed many bugs and security issues in Firefox 2.0.0.5 update. The following security issues have been fixed by Mozilla in Firefox 2.0.0.5 update.

XPCNativeWrapper pollution

Unauthorized access to wyciwyg:// documents

Remote code execution by launching Firefox from Internet Explorer

File type confusion due to %00 in name

Privilege escalation using an event handler attached to an element not in the document

Frame spoofing while window is loading

XSS using addEventListener and setTimeout

Crashes with evidence of memory corruption

You can download Firefox 2.0.0.5 update from here


No comments: