Security researcher Sergey Glazunov reported that it was possible to access the locationbar property of a window object after it had been closed. Since the closed window's memory could have been subsequently reused by the system it was possible that an attempt to access the locationbar property could result in the execution of attacker-controlled memory.
This is now public: http://www.mozilla.org/security/announce/2010/mfsa2010-66.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0780 https://rhn.redhat.com/errata/RHSA-2010-0780.html
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Via RHSA-2010:0781 https://rhn.redhat.com/errata/RHSA-2010-0781.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2010:0782 https://rhn.redhat.com/errata/RHSA-2010-0782.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2010:0861 https://rhn.redhat.com/errata/RHSA-2010-0861.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2010:0896 https://rhn.redhat.com/errata/RHSA-2010-0896.html