Security researcher Mariusz Mlynski reported that when a maliciously crafted stylesheet is inspected in the Style Inspector, HTML and CSS can run in a chrome privileged context without being properly sanitized first. This can lead to arbitrary code execution.
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Mariusz Mlynski as the original reporter.
This issue has been addressed in following products:
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Via RHSA-2012:1482 https://rhn.redhat.com/errata/RHSA-2012-1482.html