Common Vulnerabilities and Exposures assigned an identifier CVE-2010-0648 to the following vulnerability:

Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.

http://code.google.com/p/chromium/issues/detail?id=32309
http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html

Note: this issue is supposed to refer to WebKit; I think MITRE got this description wrong as while this issue did affect Mozilla before, they fixed this quite a while ago (CVE-2008-0593, https://bugzilla.mozilla.org/show_bug.cgi?id=397427, MFSA 2008-11), so this really should refer specifically to WebKit.
This can be reproduced with webkitgtk 1.1.x; the upstream patch is included in 1.2.0. It's also reproducible with qtwebkit from qt 4.6.2.
qt-4.6.2-17.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/qt-4.6.2-17.fc11
qt-4.6.2-17.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/qt-4.6.2-17.fc12
qt-4.6.2-17.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/qt-4.6.2-17.fc13
qt-4.6.2-17.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
qt-4.6.2-17.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
qt-4.6.2-17.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.