Mozilla contributor moz_bug_r_a4 reported a vulnerability which allows arbitrary JavaScript to be executed with chrome privileges. The privilege escalation was possible because JavaScript loaded via mozIJSSubScriptLoader.loadSubScript() was not using XPCNativeWrappers when accessing content. This could allow an attacker to overwrite trusted objects with arbitrary code which would be executed with chrome privileges when the trusted objects were called by the browser.
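The wrapper gap described in this report can be modelled in plain JavaScript. This is an added illustration, not Mozilla code or part of the original report: `NativeNode`, `nativeWrapper`, `contentScript` and `privilegedRead` are hypothetical names, and the `Proxy` only approximates what an XPCNativeWrapper does by resolving lookups against the native implementation instead of whatever content placed on the object.

```javascript
// Constructed model: NativeNode stands in for a browser-implemented object
// that is handed to untrusted content.
class NativeNode {
  constructor(title) { this._title = title; }
  getTitle() { return String(this._title); } // the "native" implementation
}

// Hypothetical stand-in for XPCNativeWrapper: every lookup is resolved on the
// native prototype, so properties that content added or overrode on the
// object itself are never seen by the privileged caller.
function nativeWrapper(obj, nativeProto) {
  return new Proxy(obj, {
    get(target, prop) {
      const desc = Object.getOwnPropertyDescriptor(nativeProto, prop);
      if (!desc) return undefined; // content-defined expandos are hidden
      if (typeof desc.value === "function") return desc.value.bind(target);
      return desc.get ? desc.get.call(target) : desc.value;
    },
  });
}

// Untrusted content replaces a method on an object it controls.
function contentScript(node, log) {
  node.getTitle = function () {
    log.push("content-supplied function ran inside the privileged caller");
    return "spoofed";
  };
}

// Privileged (chrome-side) code that trusts the object it was given.
function privilegedRead(node) {
  return node.getTitle();
}

function demo() {
  const log = [];
  const node = new NativeNode("real title");
  contentScript(node, log);
  // Without a wrapper the caller invokes the content-supplied function.
  const unwrapped = privilegedRead(node);
  // With the wrapper the same call reaches the native implementation.
  const wrapped = privilegedRead(nativeWrapper(node, NativeNode.prototype));
  return { unwrapped, wrapped, contentCalls: log.length };
}

console.log(demo());
```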
This will be MFSA 2008-25
This is now public: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15
devhelp-0.16.1-8.fc8, gtkmozembedmm-1.4.2.cvs20060817-21.fc8, yelp-2.20.0-10.fc8, gnome-web-photo-0.3-11.fc8, kazehakase-0.5.4-2.fc8.2, blam-1.8.3-16.fc8, epiphany-2.20.3-5.fc8, liferea-1.4.15-2.fc8, epiphany-extensions-2.20.1-8.fc8, galeon-2.0.4-3.fc8.3, openvrml-0.17.6-3.fc8, chmsee-1.0.0-2.31.fc8, ruby-gnome2-0.17.0-0.2.rc1.fc8, firefox-2.0.0.15-1.fc8, gnome-python2-extras-2.19.1-15.fc8, Miro-1.2.3-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
seamonkey-1.1.10-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
seamonkey-1.1.10-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-2.0.0.16-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-2.0.0.16-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This was addressed via:

Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2008:0547
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2008:0547
Red Hat Enterprise Linux version 4 (seamonkey) RHSA-2008:0547
Red Hat Enterprise Linux version 4 (firefox) RHSA-2008:0549
Red Hat Enterprise Linux version 5 (firefox) RHSA-2008:0569
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2008:0616 July 23 2008
Red Hat Enterprise Linux Desktop version 5 (thunderbird) RHSA-2008:0616
RHEL Optional Productivity Applications version 5 (thunderbird) RHSA-2008:0616