Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390
https://bugzilla.mozilla.org/show_bug.cgi?id=454363
http://www.securitytracker.com/id?1022873
http://www.securityfocus.com/bid/36343
http://www.redhat.com/support/errata/RHSA-2009-1430.html
http://www.novell.com/linux/security/advisories/2009_48_firefox.html
http://www.mozilla.org/security/announce/2009/mfsa2009-51.html
http://www.debian.org/security/2009/dsa-1886
http://secunia.com/advisories/37098
http://secunia.com/advisories/36757