Mozilla Firefox 1.5.0.2

By Copernic
in Back Page News

 Share

Recommended Posts

Mentor

Raven

Posted
Posted

This was great. I got a message box informing me of the already installed update and to restart Firefox. These guy (and gals) have come a long way to make the best browser on the market (IMHO). MS might as well buy Mozilla 'cause that's the only way they'll have a decent browser.

Grand Master

Farstrider

Posted
Posted

Firefox 1.5.0.2 Fixes 21 Vulnerabilities

The Mozilla Foundation released an update to fix 21 security vulnerabilities in their Web browser, Firefox 1.5 for Windows, Linux, and Mac. If one of your users visits a malicious Web page, an attacker could exploit the worst of these vulnerabilities to execute code on that user's computer, with that user's privileges, possibly gaining complete control of the computer. If you use Firefox on any platform, you should download and deploy version 1.5.0.2 as soon as possible.

The Mozilla Foundation released Firefox 1.5.0.2, fixing 21 security vulnerabilities, as well as a few other stability issues, in the popular Web browser. Many of these vulnerabilities could allow a remote attacker to execute arbitrary code on your users' computers. We highlight three of the more worrisome flaws below:

An integer overflow in CSS Letter-Spacing. Firefox's CSS Letter-Spacing property suffers from an integer overflow vulnerability. By enticing one of your users to a malicious Web page, an attacker could exploit one of these integer overflows to execute code on that user's computer with the user's privileges. If you give your users local administrative privileges, an attacker could potentially exploit this flaw to gain control of their system.

Code execution vulnerability in particular JavaScript method. A flaw in a particular JavaScript method (called crypto.generateCRMFRequest) allows remote attackers to execute code on one of your user's machines with that user's privileges. However, like the flaw above, the attacker would first have to entice his victim to a malicious Web page for this attack to succeed.

Flaws in DHTML handling may allow code execution. Firefox suffers from several security vulnerabilities and crash bugs involving the way it handles DHTML Web content. Some of these vulnerabilities could allow attackers to execute code on your users' computers with their privileges. Like both flaws above, the hacker would have to entice your users to a malicious Web page in order to exploit these flaws.

These three flaws alone should convince you to update your Firefox users as soon as possible. However, if you'd like to know more about the remaining vulnerabilities, check out Firefox's known issues page.

Mozilla has updated Firefox to version 1.5.0.2 in order to correct these security vulnerabilities. If you use Firefox in your network, download and deploy version 1.5.02 as soon as possible.

Windows

Mac OS X

These attacks arrive as normal-looking HTTP traffic, which you need to allow through your firewall so your end users can access the World Wide Web. Therefore, the patches above are your best solution.

Thought that this may help anyone looking for help or downloads!

Rookie

Jzilla

Posted
Posted

Firefox 1.5.0.2 Fixes 21 Vulnerabilities

It is Firefox 1.0.8 that has 21 or rather 18 Vulnerabilities fixed, NOT Firefox 1.5.0.2 as it only actually has 7 vulnerabilities fixed. http://www.mozilla.org/projects/security/k...rabilities.html

https://www.neowin.net/index.php?act=view&id=32838&cid=451400

Most of those advisories don't affect 1.5.0.1. The ones at the start say they affect Firefox before 1.5.0.2; the rest say they affect Firefox before 1.5 when in fact only 7 fixes are featured in 1.5.0.2 compared to a whopping 18 in 1.0.8.

By the way for Firefox 1.0.8 unlike what they planned in the past they decided that 1.0.8 will be the last of the old Aviary1.0.1 Branch releases unless something comes up to warrant a 1.0.9

Neowinian

RabbiDreed

Posted
Posted

Glad to say that it does fix a few of them.

  • Memory leaks
    • 321283 - Using Find causes documents to leak.
    • 323532 - Leak when using history autocomplete.
    • 323377 - Lots of leaks in nsInternetSearchService.

Yet it may have introduced a whole new BIGGER memory leak...

I've had to regress to 1.5.0.1 to avoid it crashing. The memory footpront is usually between 100MB and 250MB even with just 1 tab open! When it happens I can't even kill the process! I can't even shut down! Has to be a hard power off...

Just compliling some more evidence on another machine to submit a bug.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Microsoft is making an important security change in Windows soon

      By wrack · Posted

      Thought it was more towards pass phrase 😅 I l0v3 0n3 P@$$w0rd 2 rul3 th3m @ll!
    • Microsoft introduces Web IQ, a Bing-powered search system built for AI agents

      By wrack · Posted

      Haven't used Google for almost 10 years now and have no issues. Lately all my searches are done via Copilot. Even better contextualised answers.
    • Microsoft OneDrive is getting a simple yet much needed feature

      By +samw61 · Posted

      This is needed! Good to see them working on it. My solution up until now at work is to hide all MY folders, showing only the shortcuts, but linking my personal folders to the corresponding Libraries. Having this exposed in the Navigation pane of File Explorer means that I have easy nested access to my stuff, as well as all the shortcuts under the OneDrive folder when needed, often open as I only have about 10 or so linked sources.
    • Still using Classic Outlook? Microsoft highlights 15 reasons to switch to New Outlook

      By Raa · Posted

      HAHAHAHAHAHA No.
    • WinToHDD 7.0.2.2

      By Copernic · Posted

      WinToHDD 7.0.2.2 by Razvan Serea WinToHDD is a handy and useful software which allows you to install or reinstall Windows (Vista/2008 or later) without using a CD/DVD/USB drive. With this All-in-One Microsoft Windows deployment tool, you can easily reinstall Windows, install Windows onto disks other than the one where your Windows is installed, or clone existing Windows installation to other disk. Furthermore, you can use it to create a Windows installation USB containing all your Windows installation ISO files, then you can install Windows (Vista/2008 or later) from the same USB drive on both BIOS and UEFI computers. WinToHDD features: Install/reinstall Windows from ISO, WIM, ESD without using CD/DVD/USB.Improved Clone Windows to another disk without reinstalling Windows, apps.Improved Easily bypass Windows 11 system requirements (TPM 2.0, RAM, internet connection, etc).Improved Encrypt Windows partition with BitLocker when installing or cloning. Install any version of Windows 11/10/8/7/Vista, Server 2008 or later (64 & 32 bits) from same USB drive on both BIOS and UEFI computers. Fully compatible with GPT and UEFI. Note: WinToHDD 7.0.2.2 changelog is not yet available. Download: WinToHDD 7.0.2.2 | 36.6 MB (Freemium) Links: Home Page | Free vs Pro Comparison | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware

  • Recent Achievements

    • Very Popular
      s0nic69 earned a badge
      Very Popular
    • Collaborator
      Asgardi earned a badge
      Collaborator
    • Conversation Starter
      mobandz earned a badge
      Conversation Starter
    • Apprentice
      fernan99 went up a rank
      Apprentice
    • One Month Later
      nothanks earned a badge
      One Month Later

  • Popular Contributors

    1. 1
      +primortal
      472
    2. 2
      PsYcHoKiLLa
      246
    3. 3
      Skyfrog
      79
    4. 4
      FloatingFatMan
      69
    5. 5
      Michael Scrip
      60
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!