Modernizing Authentication — What It Takes to Transform Secure Access
Mozilla has plugged a few holes in Firefox 1.5.x for what ostensibly may turn out to be the last time. The final release of Firefox 22.214.171.124 accompanies the release of Mozilla's current standard bearer Firefox 126.96.36.199, both of which are being patched for at least five flaws.
Only one is critical. Mozilla Foundation Security Advisory 2007-12 details a flaw about a memory crash that could potentially lead to arbitrary file execution.
Rated "low impact," the flaw could have enabled a denial-of-service attack. Filling a text field with millions of characters and submitting the form will cause the victim's browser to hang for up to several minutes while the form data is read, and this will happen the first time auto complete is triggered after every browser restart.
The Firefox 188.8.131.52 release is expected to be the last official Mozilla release in the Firefox 1.5.x product line, which was first launched in November 2005. The release of Firefox 2.x in October superseded 1.5.x as Mozilla's flagship browser line.