Firefox 1.0.3 released

A number of security problems were highlighted over the weekend, with details published by Mozilla, and a new version of the browser is now available for download.

Mozilla prefers to launch a whole new browser rather than issue security updates Microsoft-style.

The new download fixes half a dozen potential security problems with the browser.


Fixed in Firefox 1.0.3

MFSA 2005-33
Javascript “lambda” replace exposes memory contents

MFSA 2005-34
javascript: PLUGINSPAGE code execution

MFSA 2005-35
Showing blocked javascript: popup uses wrong privilege context

MFSA 2005-36
Cross-site scripting through global scope pollution

MFSA 2005-37
Code execution through javascript: favicons

MFSA 2005-38
Search plugin cross-site scripting

MFSA 2005-39
Arbitrary code execution from Firefox sidebar panel II

MFSA 2005-40
Missing Install object instance checks

MFSA 2005-41
Privilege escalation via DOM property overrides

Spread the love