Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
https://bugzilla.mozilla.org/show_bug.cgi?id=454363
http://secunia.com/advisories/36670
http://secunia.com/advisories/36671
http://secunia.com/advisories/36757
http://secunia.com/advisories/37098
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250
http://www.debian.org/security/2009/dsa-1886
http://www.mozilla.org/security/announce/2009/mfsa2009-51.html
http://www.novell.com/linux/security/advisories/2009_48_firefox.html