Mozilla updated its flagship Firefox browser to version 2.0.0.2 and the legacy version to release 1.5.10. The updated browser fixes at least seven flaws, including a password vulnerability bug rated critical last November.

The Mozilla Foundation Security Advisory 2007-02, broadly titled "Improvements to help protect against Cross-Site Scripting attacks," provides a fix for the password vulnerability flaw. The advisory is listed as having low impact, though the original bugzilla entry page for the password flaw listed the flaw as critical.

According to Mozilla's advisory, Firefox 2.0.0.2 and 1.5.0.10 both contained several small changes that are intended to make it easier for sites to protect visitors against Cross-Site Scripting (XSS) attacks.

The one critical bug identified by Mozilla in the latest release is a crash condition that could lead to a memory corruption, according to Mozilla's advisory.

"Some of these were crashes that showed evidence of memory corruption and we presume that with enough effort at least some of these could be exploited to run arbitrary code," the advisory said.

This article was first published on InternetNews.com. To read the full article, click here.