Dev Connection

Ed Burnette

Get Dev Connection via:: Mobile; RSS; Email Alerts
Bios:: Ed’s Bio

July 19th, 2007

3 critical flaws fixed in Firefox 2.0.0.5

Posted by Ed Burnette @ 3:01 am

Categories: General, Scripting, Web Browsers

Tags: Mozilla Firefox, Ed Burnette, Flaw, Ed Burnette

An automatic update to Mozilla Firefox 2.0.0.5 last night closed 8 security holes, 3 of which were listed as “critical”, according to the release notes. Fixes include:

Critical

MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
MFSA 2007-18 Crashes with evidence of memory corruption

High

MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-19 XSS using addEventListener and setTimeout

Moderate

MFSA 2007-25 XPCNativeWrapper pollution

Low

MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-20 Frame spoofing while window is loading

Ed Burnette is a professional developer and author of several articles and books about computing including Hello, Android: Introducing Google's Mobile Development Platform, 2nd Edition. For disclosure of Ed's industry affiliations, click here or to view his full profile click here.

Email Ed Burnette

Subscribe to Dev Connection via Email alerts or RSS.

Talkback
Most Recent of 8 Talkback(s)

Thread View
Flat View

Hehe, damn formatting!!: That's okay, I think I get the gist.

However, I can still automatically launch a wide range of external applications from Internet Explorer and provide them with arbitrary command line argum... (Read the rest); Posted by: NonZealot Posted on: 07/20/07 You are currently: a Guest | Log in | Terms of Use

Now if only... jspen@... | 07/19/07

Java Ed Burnette

| 07/19/07

Can we bury the argument tonymcs@... | 07/19/07

Then why are you digging up the argument? Tony Agudo | 07/19/07

What IE vulnerability? NonZealot | 07/20/07

This IE vulnerability: Tony Agudo | 07/20/07

Ugh, darn ZDnet formatting... Tony Agudo | 07/20/07

Hehe, damn formatting!! NonZealot | 07/20/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now

Essential Topics

Blogs From Our Sponsors

Top Rated

Android 2.0 (Eclair) FAQ+13 votes
What's new in Android 2.0? Part 1: User features+12 votes
What's new in Android 2.0? Part 2: Developer features+7 votes
New Epic 3D game engine toolset: Fabulous, fun, and free!+6 votes
Skype open source? Ain't gonna happen+4 votes
Motorola DROID on Verizon: Is this the iPhone killer you're looking for?+3 votes

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Favorite Links

Blogroll

ZDNet Blogs

White Papers, Webcasts, and Downloads

Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now
Key Strategies for Federal Agencies - Safe and Cost Effective Migration for Legacy Hardware GovConnection The federal government has mandated that federal agencies reduce energy ... Download Now
Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now

Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
Smart People The best and worst moves in the management and strategy trenches. Learn More

Dev Connection

Ed Burnette

July 19th, 2007

3 critical flaws fixed in Firefox 2.0.0.5

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

Blogroll

ZDNet Blogs

White Papers, Webcasts, and Downloads

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads

Dev Connection

Ed Burnette

July 19th, 2007

3 critical flaws fixed in Firefox 2.0.0.5

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Keep up with ZDNet

Archives

Favorite Links

Blogroll

ZDNet Blogs

White Papers, Webcasts, and Downloads

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads