The popup blocker in Mozilla Firefox before 1.5.0.7 opens the “blocked popups” display in the context of the Location bar instead of the subframe from which the popup originated, which might make it easier for remote user-assisted attackers to conduct cross-site scripting (XSS) attacks.
secunia.com/advisories/21949
secunia.com/advisories/21950
secunia.com/advisories/22001
secunia.com/advisories/22025
secunia.com/advisories/22056
secunia.com/advisories/22066
secunia.com/advisories/22195
secunia.com/advisories/22210
secunia.com/advisories/22422
secunia.com/advisories/24711
security.gentoo.org/glsa/glsa-200609-19.xml
securitytracker.com/id?1016849
support.avaya.com/elmodocs2/security/ASA-2006-224.htm
www.mandriva.com/security/advisories?name=MDKSA-2006:168
www.mozilla.org/security/announce/2006/mfsa2006-62.html
www.novell.com/linux/security/advisories/2006_54_mozilla.html
www.redhat.com/support/errata/RHSA-2006-0675.html
www.securityfocus.com/archive/1/446140/100/0/threaded
www.securityfocus.com/bid/20042
www.ubuntu.com/usn/usn-351-1
www.ubuntu.com/usn/usn-354-1
www.vupen.com/english/advisories/2006/3748
www.vupen.com/english/advisories/2007/1198
www.vupen.com/english/advisories/2008/0083
www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00771742
exchange.xforce.ibmcloud.com/vulnerabilities/28957
issues.rpath.com/browse/RPL-640
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10650