New released have been announced today by Mozilla, Firefox 2.0.0.2. Including mainly several security issues fixes, in addition to an enhanced Windows Vista Support, a fix in german translation, and four new languages : Afrikaans, Belarusian, Georgian, and Kurdish. If you didn’t get already the update message, you can download it directly from Mozilla website. Vulnerabilities fixed in this release :
- Embedded nulls in location.hostname confuse same-domain checks
- Mozilla Network Security Services (NSS) SSLv2 buffer overflow
- XSS and local file access by opening blocked popups
- Spoofing using custom cursor and CSS3 hotspot
- Information disclosure through cache collisions
- Improvements to help protect against Cross-Site Scripting attacks
- Crashes with evidence of memory corruption