Red Hat Bugzilla – Bug 190124
CVE-2006-1993 Firefox arbitrary code execution vulnerability
Last modified: 2007-11-30 17:11:31 EST
A bug exists in Firefox (1.5 branch only) in the way it handles
iframe.contentWindow.focus() calls. A malicious web page could potentially
execute arbitrary code as the user running firefox.
The initial post to bugtraq can be found here:
This issue has been fixed in FEDORA-2006-547