Download.Fixed in Firefox 2.0.0.1
* XSS using outer window's Function object
* RSS Feed-preview referrer leak
* Mozilla SVG Processing Remote Code Execution
* XSS by setting img.src to javascript: URI
* LiveConnect crash finalizing JS objects
* Privilege escallation using watch point
* CSS cursor image buffer overflow (Windows only)
* Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
Mai pe larg: What's New in Firefox 2.0.0.2Fixed in Firefox 2.0.0.2
* Embedded nulls in location.hostname confuse same-domain checks
* Mozilla Network Security Services (NSS) SSLv2 buffer overflow
* XSS and local file access by opening blocked popups
* Spoofing using custom cursor and CSS3 hotspot
* Information disclosure through cache collisions
* Improvements to help protect against Cross-Site Scripting attacks
* Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)
Pentru ramura 1.5.*, suportul va fi întrerupt pe 24 aprilie 2007.
XUL Popup Spoofing
XSS using addEventListener
Path Abuse in Cookies
Persistent Autocomplete Denial of Service
Crashes with evidence of memory corruption (rv:1.8.0.12/1.8.1.4)