Red Hat Bugzilla – Bug 250648
CVE-2007-3844 Privilege escalation through chrome-loaded about:blank windows
Last modified: 2007-10-29 14:32:20 EDT
MFSA2007-26 describes a flaw in the way Firefox loads certain about:blank
windows. This flaw could allow certain Firefox extensions to be leveraged to
execute arbitrary code as the user running Firefox.
This issue was addressed in all versions of Red Hat Enterprise Linux for
firefox, seamonkey and thunderbird in following erratas:
Updates for Fedora are also available now.