FF 1.0.3 – Where the Hits Just Keep On Coming

April 16, 2005


As reported yesterday afternoon:

The Mozilla Foundation today released updates to two of its main products, the Mozilla Suite and Firefox. This marks the third round of security fixes for Firefox, along with the seventh minor update to the 1.7 version of the Mozilla Suite. Security issues fixed in these new versions are listed on the Known Vulnerabilities page with detailed descriptions of each issue.

So I’ve updated – and added another few downloads to the counters. Man, I wonder what the real stats are for unique downloads. Oh well. We’ll see more details as web sites report unique visits by Firefox users. In the meantime, you can get you copy here.

The security fixes are as follows:

MFSA 2005-33 Javascript “lambda” replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides

I don’t yet have the scoop on whether these bits include Asa’s “Popups Must Die” ad block improvements. I’ll double check and report later.


The relevant string did not exist in about:config after install. So I added the following: privacy.popups.disable_from_plugins with a string value of 2 (it accepts 0,1,2, or 3). Things are blocked quite nicely now.


Subscribe to our RSS feed and social profiles to receive updates.

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s