Unlike 2.0.0.7, Firefox’s new update is highly recommended to fix the crashes that many users have reported.
Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
The security issues that were fixed are as follows:
- URIs with invalid %-encoding mishandled by Windows
- XPCNativeWrapper pollution using Script object
- Possible file stealing through sftp protocol
- XUL pages can hide the window titlebar
- File input focus stealing vulnerability
- Browser digest authentication request splitting
- onUnload Tailgating
- Crashes with evidence of memory corruption (rv:1.8.1.8)
To update your Firefox installation, Click Help>Check for Updates.
Firefox should pick it up and install it after a few seconds.
Written by sylv3rblade on October 20, 2007 at 5:55 am. Follow responses to this entry via the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Tagged with: free-software
Filed Under: General Computing
Tagged with: free-software
Filed Under: General Computing
Leave a Reply
XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>