You are here: Known Vulnerabilities in Mozilla Products (Firefox 184.108.40.206) > MFSA 2007-26
Mozilla Foundation Security Advisory 2007-26
Title: Privilege escalation through chrome-loaded about:blank windows
Announced: July 30, 2007
Products: Firefox 220.127.116.11, Thunderbird 18.104.22.168, SeaMonkey 1.1.3
Fixed in: Firefox 22.214.171.124
Any workaround would depend on the addon in question. One addon known to be affected was the Web Developer Toolbar, which was safe in its default configuration but potentially vulnerable to malicious web content if informational windows were opened as separate windows instead of tabs. The workaround for this, then, is to switch back to the default setting.
Other affected addons might not have a workaround other than to upgrade to a fixed version of Firefox.