Mozilla security researcher moz_bug_r_a4 reported that by using an appropriately wrapped object it was possible to bypass the fix for MFSA 2007-19. In Firefox versions prior to 3.6 this gives an attacker the ability to perform cross-site scripting attacks against arbitrary sites, as in the original MFSA 2007-19 attack. Due to unrelated changes in the browser engine used by Firefox 3.6, attacks in that version are limited to capturing keystroke events from a cross-origin frame or window rather than gaining full DOM access. Captured keystrokes might still be sufficient to illicitly obtain passwords or other sensitive information entered into web forms.

Upstream advisory: http://www.mozilla.org/security/announce/2010/mfsa2010-12.html

This was fixed in upstream Firefox 3.0.18, and via RHSA-2010:0112 (Firefox) in Red Hat Enterprise Linux 4 and 5: https://rhn.redhat.com/errata/RHSA-2010-0112.html
A patch was applied to correct this in Red Hat Enterprise Linux 3 and 4 (SeaMonkey) via RHSA-2010:0113: https://rhn.redhat.com/errata/RHSA-2010-0113.html

A patch was applied to correct this in Red Hat Enterprise Linux 4 (Thunderbird) via RHSA-2010:0154: https://rhn.redhat.com/errata/RHSA-2010-0154.html

A patch was applied to correct this in Red Hat Enterprise Linux 5 (Thunderbird) via RHSA-2010:0153: https://rhn.redhat.com/errata/RHSA-2010-0153.html