The Mozilla 1.0.2 released fixed and disclosed a lot of security bugs, some of them severe.
Beonex Communicator 0.8.2 is based on Mozilla 1.0.2 and thus contains these fixes. We strongly recommend you to update Communicator.
List of security bugs fixed:
|91043||document.write while another page is loading can bypass same-origin check|
|151478||https wyciwyg page is cached|
|152701||More eavsdropping in mailnews...|
|157646||Possible heap corruption in libjar|
|161357||Buffer overflow with external protocol handler|
|162393||A variable called "content" confuses urlSecurityCheck in contentAreaUtils.js|
|162520||Possible princeton-style password stealing exploit|
|163648||URL with "vbscript:" protocol launches MS Internet Explorer|
|164695||Heap corruption in libjar using manifest length -1|
|168316||Violating same-origin with Java|
|169982||XMLSerializer.serializeToStream needs same origin check|
|171274||URL bar spoofing using XUL <browser type="content-primary">|
Related: Previous updates - announce mailing-list - How to disable checks