Mozilla Firefox is an open source Web browser.
A bug was found in the way Firefox set an image as the desktop wallpaper. If a user chooses the "Set As Wallpaper..." context menu item on a specially crafted image, it is possible for an attacker to execute arbitrary code on a victim's machine. (CAN-2005-2262)
A bug was found in the way Firefox installed its extensions. If a user can be tricked into visiting a malicious webpage, it may be possible to obtain sensitive information such as cookies or passwords. (CAN-2005-2263)
A bug was found in the way Firefox handled multiple frame domains. It is possible for a frame as part of a malicious web site to inject content into a frame that belongs to another domain. This issue was previously fixed as CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937)
A bug was found in the way Firefox handled child frames. It is possible for a malicious framed page to steal sensitive information from its parent page. (CAN-2005-2266)
A bug was found in the way Firefox cloned base objects. It is possible for Web content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270)
Users of Firefox are advised to upgrade to this updated package that contains Firefox version 1.0.6 and is not vulnerable to these issues.