{"id":2188,"date":"2008-12-20T12:32:00","date_gmt":"2008-12-20T04:32:00","guid":{"rendered":"http:\/\/telecnsr.com\/?p=2188"},"modified":"2013-08-17T06:17:36","modified_gmt":"2013-08-16T22:17:36","slug":"firefox-2","status":"publish","type":"post","link":"https:\/\/telecnsr.com\/2188\/","title":{"rendered":"[\u66f4\u65b0] Firefox 2.0.0.20 \u7e41\u9ad4\u4e2d\u6587\u7248 \u4e0b\u8f09"},"content":{"rendered":"
\n

2008\/12\/27\u66f4\u65b0\uff1a<\/span><\/strong>\u8edf\u9ad4\u7248\u672c\u66f4\u65b0\u70ba2.<\/a>0.0.20\uff0c\u6b64\u70baFirefox 2.x\u7cfb\u5217\u6700\u5f8c\u7248\u672c\uff0c\u4ee5\u5f8c\u4e0d\u518d\u66f4\u65b0\uff0c\u8acb\u6539\u7528\u6700\u65b0\u7248\u7684Firefox 3.x\u7248\uff0cFirefox 3.0.5\u8acb\u6309\u9019\u88e1<\/a>\uff0cFirefox 3.1\u8acb\u6309\u9019\u88e1<\/a>\u3002<\/p>\n<\/blockquote>\n

\u5728Mozilla\u52aa\u529b\u63a8\u5ee3\u6700\u65b0\u7248\u7684Firefox 3.0\u700f\u89bd\u5668\u7684\u540c\u6642\uff0c\u539f\u672c\u76842.x\u7248\u672c\u9084\u662f\u6c92\u653e\u8457\u4e0d\u7ba1\uff0c\u4e00\u6a23\u662f\u6709\u6d1e\u5c31\u88dc\u3001\u6709\u554f\u984c\u5c31\u4fee\u3002\u6700\u8fd1\u4e5f\u63a8\u51fa\u4e862.0.0.19\u6700\u65b0\u7248\u672c\uff0c\u7b97\u4e00\u7b97\u4e00\u5171\u4fee\u5fa9\u4e8612\u500b\u8edf\u9ad4\u5b89\u5168\u6027\u8207\u7a69\u5b9a\u6027\u7684\u554f\u984c\u3002\u5982\u679c\u4f60\u76ee\u524d\u9084\u4f7f\u7528Firefox 2.x\u7248\u672c\u7684\u8a71\uff0c\u61c9\u8a72\u4e5f\u90fd\u6709\u6536\u5230\u66f4\u65b0\u901a\u77e5\u4e86\uff0c\u8a18\u5f97\u6539\u5feb\u5347\u7d1a\u6210\u6700\u65b0\u7248\uff0c\u4fee\u88dc\u4e00\u4e0b\u6f0f\u6d1e\u5537\u3002<\/p>\n

<\/p>\n

\n

\u8edf\u9ad4\u540d\u7a31\uff1a<\/strong>Mozilla Firefox
\u8edf\u9ad4\u8a9e\u8a00\uff1a<\/strong>\u7e41\u9ad4\u4e2d\u6587\u7248
\u8edf\u9ad4\u7248\u672c<\/strong>\uff1a2
.<\/a>0.0.20
\u6a94\u6848\u5927\u5c0f\uff1a<\/strong>5.76MB
\u5b98\u65b9\u7db2\u7ad9<\/strong>\uff1a
http:\/\/moztw.org<\/a>
\u8edf\u9ad4\u4e0b\u8f09<\/strong>\uff1a
Windows\u7248<\/a>\u3001Mac OS X\u7248<\/a>\u3001Linux\u7248<\/a><\/p>\n<\/blockquote>\n

 <\/p>\n

\n

Firefox 2.0.0.19\u66f4\u65b0\u9805\u76ee\uff1a \uff08\u539f\u6587\u7db2\u5740<\/a>\uff09<\/strong><\/p>\n

    \n
  1. XSS vulnerabilities in SessionStore<\/li>\n
  2. XSS and JavaScript privilege escalation<\/li>\n
  3. Escaped null characters ignored by CSS parser<\/li>\n
  4. Errors parsing URLs with leading whitespace and control characters<\/li>\n
  5. Cross-domain data theft via script redirect error message<\/li>\n
  6. XMLHttpRequest 302 response disclosure<\/li>\n
  7. Additional XSS attack vectors in feed preview<\/li>\n
  8. Information stealing via loadBindingDocument<\/li>\n
  9. Crashes with evidence of memory corruption (rv:1.9.0.5\/1.8.1.19)<\/li>\n<\/ol>\n<\/blockquote>\n
    \n

    \u66f4\u65b0\u9805\u76ee<\/strong><\/a>\uff1aFixed in Firefox 2.0.0.15<\/strong><\/p>\n

      \n
    1. MFSA 2008-33 Crash and remote code execution in block reflow <\/li>\n
    2. MFSA 2008-32 Remote site run as local file via Windows URL shortcut <\/li>\n
    3. MFSA 2008-31 Peer-trusted certs can use alt names to spoof <\/li>\n
    4. MFSA 2008-30 File location URL in directory listings not escaped properly <\/li>\n
    5. MFSA 2008-29 Faulty .<\/a>properties file results in uninitialized memory being used <\/li>\n
    6. MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X <\/li>\n
    7. MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range <\/li>\n
    8. MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() <\/li>\n
    9. MFSA 2008-24 Chrome script loading from fastload file <\/li>\n
    10. MFSA 2008-23 Signed JAR tampering <\/li>\n
    11. MFSA 2008-22 XSS through JavaScript same-origin violation <\/li>\n
    12. MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15) <\/li>\n<\/ol>\n<\/blockquote>\n

       <\/p>\n

      \n

      \u5ef6\u4f38\u95b1\u8b80\uff1a<\/strong><\/p>\n

        \n
      1. [\u4e0b\u8f09]\u7cbe\u907825\u500bFirefox\u5e38\u7528\u5916\u639b<\/a><\/li>\n
      2. 32\u500bFirefox\u5e38\u7528\u641c\u5c0b\u5f15\u64ce<\/a><\/li>\n
      3. \u7528Firefox\u4e5f\u53ef\u4ee5\u4e0aBBS\u7ad9\uff01 (PCMan plug-in)<\/a><\/li>\n
      4. \u5982\u4f55\u5728Firefox 3.1\u4e2d\u958b\u555fTraceMonkey\u52a0\u901f\u529f\u80fd\uff1f<\/a><\/li>\n<\/ol>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"

        2008\/12\/27\u66f4\u65b0\uff1a\u8edf\u9ad4\u7248\u672c\u66f4\u65b0\u70ba2.0.0.20\uff0c\u6b64\u70baFirefox 2.x\u7cfb\u5217\u6700\u5f8c\u7248\u672c\uff0c\u4ee5\u5f8c\u4e0d\u518d\u66f4\u65b0\uff0c\u8acb\u6539\u7528\u6700\u65b0\u7248\u7684Firefox 3.x\u7248\uff0cFirefox 3.0.5\u8acb\u6309\u9019\u88e1\uff0cFirefox 3.1\u8acb\u6309\u9019\u88e1\u3002 \u5728Mozilla\u52aa\u529b\u63a8…<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[173],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/posts\/2188"}],"collection":[{"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/comments?post=2188"}],"version-history":[{"count":0,"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/posts\/2188\/revisions"}],"wp:attachment":[{"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/media?parent=2188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/categories?post=2188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/telecnsr.com\/wp-json\/wp\/v2\/tags?post=2188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}