Dmitri Gribenko reported that the script used to launch Mozilla applications on Linux was effectively including the current working directory in the LD_LIBRARY_PATH environment variable. If an attacker was able to place into the current working directory a malicious shared library with the same name as a library that the bootstrapping script depends on, the attacker could have their library loaded instead of the legitimate library.
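The following is an added example, not code from the Mozilla launch script or from this report. It assumes one common way a launcher ends up with the current working directory on the path: prepending to an unset LD_LIBRARY_PATH leaves an empty entry, which ld.so documents as meaning the current working directory. The function names and the /opt/app path are hypothetical.

```shell
#!/bin/sh
# Added illustration; function names and sample paths are constructed.

# has_cwd_entry LIST
# Returns 0 if the colon-separated LIST contains an entry that the dynamic
# loader resolves against the current working directory: an empty entry
# (leading, trailing or doubled colon) or a relative one such as "." or "lib".
# Only ':' separators are handled here.
has_cwd_entry() {
    _l=$1
    [ -n "$_l" ] || return 1      # unset or empty: no entries to check
    _l="$_l:"                     # terminate the list so the last entry is seen
    while [ -n "$_l" ]; do
        _e=${_l%%:*}              # first entry
        _l=${_l#*:}               # rest of the list
        case "$_e" in
            /*) ;;                # absolute path: fine
            *)  return 0 ;;       # empty or relative: resolved against cwd
        esac
    done
    return 1
}

# Weak pattern: with an empty old value the result ends in ':'.
prepend_unsafe() { printf '%s\n' "$1:$2"; }

# Hardened pattern: add the separator and old value only when the old value
# is non-empty. Entries already present in the old value are kept as they are,
# so the result is still worth checking with has_cwd_entry.
prepend_safe() { printf '%s\n' "$1${2:+:$2}"; }

# Demonstration with a constructed directory and an empty old value.
for _v in "$(prepend_unsafe /opt/app "")" "$(prepend_safe /opt/app "")"; do
    if has_cwd_entry "$_v"; then
        echo "cwd on search path: '$_v'"
    else
        echo "ok: '$_v'"
    fi
done
```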
This is now public: http://www.mozilla.org/security/announce/2010/mfsa2010-71.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5. Via RHSA-2010:0780 https://rhn.redhat.com/errata/RHSA-2010-0780.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 3, Red Hat Enterprise Linux 4. Via RHSA-2010:0781 https://rhn.redhat.com/errata/RHSA-2010-0781.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5. Via RHSA-2010:0782 https://rhn.redhat.com/errata/RHSA-2010-0782.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6. Via RHSA-2010:0861 https://rhn.redhat.com/errata/RHSA-2010-0861.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6. Via RHSA-2010:0896 https://rhn.redhat.com/errata/RHSA-2010-0896.html