Mozilla security researcher moz_bug_r_a4 reported a regression where security wrappers are unwrapped without doing a security check in defaultValue(). This can allow for improper access to the Location object and the potential for arbitrary code execution. Security researcher Gareth Heyes also blogged about a Firefox 16-only symptom that is fixed in the updated versions. This issue only affects Firefox 16.0 and does not affect the ESR version.

External Reference:
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html

Acknowledgements:
Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Gareth Heyes as the original reporter.

Statement:
This issue does not affect the version of firefox and thunderbird as shipped with Red Hat Enterprise Linux 5 and 6.