Firefox 1.0.3 has been released. The following issues have been fixed http://www.mozilla.org/projects/security/known-vulnerabilities.html MFSA 2005-33 Javascript "lambda" replace exposes memory contents CAN-2005-0989 MFSA 2005-34 javascript: PLUGINSPAGE code execution CAN-2005-0752 MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context MFSA 2005-36 Cross-site scripting through global scope pollution MFSA 2005-37 Code execution through javascript: favicons MFSA 2005-38 Search plugin cross-site scripting MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II MFSA 2005-40 Missing Install object instance checks MFSA 2005-41 Privilege escalation via DOM property overrides I'll fill in the rest of the CVE id's when they arrive.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-383.html
*** Bug 155358 has been marked as a duplicate of this bug. ***