Netscape has this week released Netscape version 8.0.3.1, which fixes four security holes which Netscape calls “critical”. Two of these critical security flaws have already been documented, while two others have not, but are nonetheless addressed with 8.0.3.1.

The two security flaws which have been documented are a code execution through shared function objects issue, in which “improper cloning of base objects allowed web content scripts to walk up the prototype chain to get to a privileged object,” and a problem where “standalone applications can run arbitrary code through the browser” whereby when a media playser such as Flash or Quicktime opens a URL in the Netscape browser…

[Continue reading Netscape Critical Flaws Fixed with This Week’s Netscape 8.0.3.1 Release]