Red Hat Bugzilla – Bug 188825
Last modified: 2007-11-30 17:11:30 EST
shutdown discovered it was possible to use the Object.watch() method to
access an internal function object (the "clone parent") which could then be
used to install malware such as password sniffers or viruses.
In pre-release versions of Firefox 1.5 the same technique could be applied
to the Array generic methods introduced in that release.
This issue also affects FC4
These issues have been resolved in FEDORA-2006-411 for FC5 and FEDORA-2006-410