Mozilla released 2.0.0.5 version of Firefox 2.This new version has fixed 8 security issues as below:
1. MFSA 2007-25 XPCNativeWrapper pollution.
2. MFSA 2007-24 Unauthorized access to wyciwyg:// documents
3. MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
4. MFSA 2007-22 File type confusion due to %00 in name
5. MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document.
6. MFSA 2007-20 Frame spoofing while window is loading.
7. MFSA 2007-19 XSS using addEventListener and setTimeout.
8. MFSA 2007-18 Crashes with evidence of memory corruption
Out of above eight , issue 3, 5 and 8 were the critical.
Details can be found at:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.5
Release note:
http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/
No comments:
Post a Comment