During the 2009 CanSecWest PWN2OWN competition, Nils demonstrated an attack involving XUL <tree> _moveToEdgeShift and garbage-collection in order to execute arbitrary code as the user running Firefox.
This is now public: http://www.mozilla.org/security/announce/2009/mfsa2009-13.html
This issue has been addressed in following products: Red Hat Enterprise Linux 2.1 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Via RHSA-2009:0398 https://rhn.redhat.com/errata/RHSA-2009-0398.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2009:0397 https://rhn.redhat.com/errata/RHSA-2009-0397.html
seamonkey-1.1.15-3.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
seamonkey-1.1.15-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.