July 2005
Mozilla - Update to Firefox Available for Download
ID: 00579
Ref: 538/05
Date: 13 July 2005:13:27:38
Version: 1
Title: Mozilla - Update to Firefox Available for Download
Abstract: Mozilla have released Firefox version 1.0.5, which fixes multiple known vulnerabilities.
Vendors affected: Mozilla
Operating systems affected: Mozilla
Applications affected: Mozilla
Title
=====
Mozilla - Update to Firefox Available for Download
Detail
======
Mozilla have released Firefox version 1.0.5, which fixes the following known
vulnerabilities:
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
An index of fixed vulnerabilities, which links to more detailed descriptions,
can be found on the following page:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox