Thursday, July 19, 2007

Security Issues fixed in new Firefox

Mozilla developers fixed many bugs and security issues in Firefox update. The following security issues have been fixed by Mozilla in Firefox update.

XPCNativeWrapper pollution

Unauthorized access to wyciwyg:// documents

Remote code execution by launching Firefox from Internet Explorer

File type confusion due to %00 in name

Privilege escalation using an event handler attached to an element not in the document

Frame spoofing while window is loading

XSS using addEventListener and setTimeout

Crashes with evidence of memory corruption

You can download Firefox update from here

No comments: