Firefox 1.0.3 has been released. The following issues have been fixed
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
I'll fill in the rest of the CVE id's when they arrive.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
*** Bug 155358 has been marked as a duplicate of this bug. ***