Printable View
http://isc.sans.org/ - Full story.Quote:
There is a new advisory out that indicates there is a remote denial of service exploit in Firefox 1.5.0.7 and Firefox 2. The original post indicated that there could be a buffer overflow and remote code execution component, but as of 10/31 this has not been verified. This exploit will occur when a specifically crafted webpage tries to create a range object with "createRange". So far it will only make the browser crash.
Cheers:
Quote:
Originally Posted by JPnyc
I wish I knew the answer to that - I know that in the past, FF wouldn't autoupdate from say 1.04 to something like 1.5.0.7, so I'm wondering if the 'major' releases won't? As soon as I heard the news that FF v2.0 was released I downloaded and installed, I never waited for autoupdate.
As far as the X on the tabs, I love it - I was using the TabX extension in 1.5.07 to make an X appear on each individual tab and I'm glad it's built into FF by default now - but I can understand individuals not liking the way it's setup now - individual close buttons just worked for me...
Overall, I love FF v2.0....
EDIT: Opps, just saw this post by Moira:
If that is in fact the truth, then that seems to confirm what I've noticed in the past...Quote:
Firefox only updates on point releases, not on major new versions.
Yeah it didn't auto-update and I didn't bother to DL it.