Firefox 1.5.0.3 released


Mozilla has released a new 1.5.0.3 security update to its Firefox web browser. The release fixes a "highly critical" denial of service vulnerability in the browser that could cause crashes and potential malicious code execution. According to the Secunia listing, the vulnerability is caused by "a reference to a deleted object when designMode is enabled. This can be exploited to corrupt the memory and cause a crash by calling the 'contentWindow.focus()' method on a container with specially crafted content." Mozilla says older versions of Firefox 1.0.x and the Mozilla suite 1.7.x are not affected, leaving only versions of Firefox between 1.5 and 1.5.0.2 as potential targets for the security hole. The 1.5.0.3 update can either be downloaded by going into Firefox's Help menu and selecting "Check for Updates..." or downloading the new release from Mozilla's Firefox page.
Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.