Modernizing Authentication — What It Takes to Transform Secure Access
The flaws do not affect the recently released Firefox 2.0 version. The latest 22.214.171.124 release will also include an update that will make it easier for existing users to get major upgrades from Mozilla.
Among the critical bugs fixed in this version is titled, "Crashes with evidence of memory corruption." The crashes could have been triggered by several bugs. Mozilla's analysis: there was potential for memory corruption that potentially could have been exploited to run arbitrary code.
One of the issues for some 1.5.x users that have prevented them from upgrading to Firefox 2.0 is that, to date, Firefox 1.5.x has not "advertised" that it can be updated to version 2.0.