An invalid free flaw was found in Firefox's plugin handler. Malicious web content could result in an invalid memory pointer being freed, causing Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
This is now public: http://www.mozilla.org/security/announce/2010/mfsa2010-48.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0556 https://rhn.redhat.com/errata/RHSA-2010-0556.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2010:0558 https://rhn.redhat.com/errata/RHSA-2010-0558.html
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Via RHSA-2010:0557 https://rhn.redhat.com/errata/RHSA-2010-0557.html
xulrunner-1.9.1.11-2.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
xulrunner-1.9.2.7-2.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.