Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Firefox v1.0.7 Released - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Firefox v1.0.7 Released
Earlier today, Mozilla released the newest stable release of Firefox.  Firefox 1.0.7 is available for download in many languages (sorry Kevin that the KR release isn't ready yet, hopefully it will be soon).

From the release notes available at Mozilla Firefox website:

"This version includes several security and stability fixes, including a fix for a reported buffer overflow vulnerability and a fix for a Linux shell command vulnerability.

Specific changes in Firefox 1.0.7

  • Fix for a potential buffer overflow vulnerability when loading a hostname with all soft-hyphens
  • Fix to prevent URLs passed from external programs from being parsed by the shell (Linux only)
  • Fix to prevent a crash when loading a Proxy Auto-Config (PAC) script that uses an "eval" statement
  • Fix to restore InstallTrigger.getVersion() for Extension authors
  • Other stability and security fixes

191 Posts
ISC Handler
Sep 21st 2005

Sign Up for Free or Log In to start participating in the conversation!