- Several security fixes
  - Code execution through shared function objects
  - XHTML node spoofing
  - JavaScript prompt origin spoofing
  - Standalone applications can run arbitrary code through the browser
  - Same origin violation: frame calling top.focus()
  - The return of frame-injection spoofing
  - Possibly exploitable crash in InstallVersion.compareTo()
  - Script injection from Firefox sidebar panel using data:
  - Same-origin violation with InstallTrigger callback
  - Code execution via "Set as Wallpaper"
  - XBL scripts ran even when JavaScript disabled
  - Content-generated event vulnerabilities
- Stability improvements