Common Vulnerabilities and Exposures assigned the identifier CVE-2010-0648 to the following vulnerability:
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets.href property value, related to an IFRAME element.
Note: this issue is supposed to refer to WebKit; I think MITRE got this description wrong, as while this issue did affect Mozilla before, they fixed this quite a while ago (CVE-2008-0593, https://bugzilla.mozilla.org/show_bug.cgi?id=397427, MFSA 2008-11), so this really should refer specifically to WebKit.
This can be reproduced with webkitgtk 1.1.x; the upstream patch is included in 1.2.0. It's also reproducible with qtwebkit from qt 4.6.2.
qt-4.6.2-17.fc11 has been submitted as an update for Fedora 11.
qt-4.6.2-17.fc12 has been submitted as an update for Fedora 12.
qt-4.6.2-17.fc13 has been submitted as an update for Fedora 13.
qt-4.6.2-17.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
qt-4.6.2-17.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
qt-4.6.2-17.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.