MFSA2007-26 describes a flaw in the way Firefox loads certain about:blank windows. This flaw could allow certain Firefox extensions to be leveraged to execute arbitrary code as the user running Firefox. http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
This issue was addressed in all versions of Red Hat Enterprise Linux for firefox, seamonkey and thunderbird in following erratas: https://rhn.redhat.com/errata/RHSA-2007-0979.html https://rhn.redhat.com/errata/RHSA-2007-0980.html https://rhn.redhat.com/errata/RHSA-2007-0981.html Updates for Fedora are also available now.