ADVERTISEMENTS

Mozilla Corporation released Firefox 1.5.0.9 and Firefox 2.0.0.1 to provide stability and security enhancements. A security update notification will auto pop up to remind you about the update. You can also apply the update manually by selecting “Check for Updates…” from the Help menu.

All Firefox users are recommended to upgrade to this latest release. This update is available immediately in 37 languages including Spanish, Japanese, Arabic, Hungarian and more.

Fixed in Firefox 2.0.0.1:

• XSS using outer window’s Function object
• RSS Feed-preview referrer leak
• Mozilla SVG Processing Remote Code Execution
• XSS by setting img.src to javascript: URI
• LiveConnect crash finalizing JS objects
• Privilege escallation using watch point
• CSS cursor image buffer overflow (Windows only)
• Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)

Read the Release Notes of Mozilla Firefox 2.0.0.1. Firefox 2.0.0.1 can be downloaded from http://www.mozilla.com/en-US/firefox/

Firefox 1.5.0.x will be maintained with security and stability updates until April 24, 2007 and they urge all users to upgrade to Firefox 2.0.

Fixed in Firefox 1.5.0.9:

• RSS Feed-preview referrer leak
• Mozilla SVG Processing Remote Code Execution
• XSS by setting img.src to javascript: URI
• LiveConnect crash finalizing JS objects
• Privilege escallation using watch point
• CSS cursor image buffer overflow (Windows only)
• Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)

For more infomation, refer to the Mozilla Firefox 1.5.0.9 Release Notes. You can download Firefox 1.5.0.9 here.