Mozilla ships Firefox 1.0.5 security update - twelve leaks fixed

Posted on Wednesday, July 13 2005 @ 16:12 CEST by Thomas De Maesschalck
Microsoft shipped out three security updates yesterday and Mozilla also fixed a bunch of security issues in its Firefox browser.

Firefox 1.0.5 includes several fixes to boost stability and patches two critical and four high security risks. A total of twelve security leaks were addressed in this update. Here's a list of all security updates in 1.0.5:
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
Firefox 1.0.5 can be downloaded here for Windows, Linux and Mac OS X.

Loading Comments