Javascript privilege esccalation and code execution, crossite scripting, multiple DoS conditions, URI and dialogs spoofing, local ports access from Java, privacy problems on SSL authentication.
vulners.com/securityvulns/securityvulns:doc:19515
vulners.com/securityvulns/securityvulns:doc:19516
vulners.com/securityvulns/securityvulns:doc:19517
vulners.com/securityvulns/securityvulns:doc:19518
vulners.com/securityvulns/securityvulns:doc:19519
vulners.com/securityvulns/securityvulns:doc:19520
vulners.com/securityvulns/securityvulns:doc:19521
vulners.com/securityvulns/securityvulns:doc:19530