FireFox 1.5.0.3 security fix now live

Schadenfroh · May 2, 2006

Martijn Wargers and Nick Mott each described crashes that were discovered to ultimately stem from the same root cause: attempting to use a deleted controller context when designMode was turned on. This generally results in crashing the browser, but in theory references to deleted objects can be abused to run malicious code.

"splices" reported the same crash at the fan site MozillaZine and on Bugtraq, incorrectly describing it as a buffer overflow.

Older clients, including Firefox 1.0.x and the Mozilla Suite 1.7.x, are not affected.

Download

Mem · May 2, 2006

Thanks Schadenfroh,another quicker option is to use "check for updates" in Firefox help menu at top of browser .

kamper · May 2, 2006

Thanks. It'll be applied next time I restart firefox (which may be weeks, who knows?). 🙂

secretanchitman · May 2, 2006

got it via the "check for updates". thanks for the heads-up!

Muadib · May 3, 2006

Originally posted by: secretanchitman
got it via the "check for updates". thanks for the heads-up!

mechBgon · May 3, 2006

Bump, get your FF-using family & friends updated, people. gj Schadenfroh 🙂

FireFox 1.5.0.3 security fix now live

Schadenfroh

Elite Member

Mem

Lifer

kamper

Diamond Member

secretanchitman

Diamond Member

Muadib

Lifer

mechBgon

Super Moderator<br>Elite Member