The latest release fixed several security issues:MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)
MFSA 2008-63 User tracking via XUL persist attribute
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-69 XSS vulnerabilities in SessionStore
No comments:
Post a Comment