SUSE CVE-2009-0356
Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the 1 about:plugins and 2 about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome privileges via vectors involving the URL field in a...