Fixed in Firefox 2.0.0.18 MFSA 2008-58 Parsing error in E4X default namespace MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-55 Crash and remote code execution in nsFrameManager MFSA 2008-54 Buffer overflow in http-index-format parser MFSA 2008-53 XSS and JavaScript privilege escalation via session restore MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) MFSA 2008-50 Crash and remote code execution via __proto__ tampering MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-48 Image stealing via canvas and HTTP redirect MFSA 2008-47 Information stealing via local shortcut files (CVE-2008-0017, CVE-2008-5012, CVE-2008-5013, CVE-2008-5014(bug #195978), CVE-2008-5017, CVE-2008-5018, CVE-2008-5019, CVE-2008-5021, CVE-2008-5022, CVE-2008-5023, CVE-2008-5024, CVE-2008-5052). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5012 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5013 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5014 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5017 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5018 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5019 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5023 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5024 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5052 http://www.mozilla.org/security/known-vulnerabilities/firefox20.html#firefox2.0.0.18 Reproducible: Always Steps to Reproduce:
*** This bug has been marked as a duplicate of bug 246602 ***