firefox is vulnerable to privilege escalation. The vulnerability exists as a flaw was found in the way Firefox displayed certain Unicode characters in International Domain Names (IDN). If an IDN contained invalid characters, they may have been displayed as spaces, making it appear to the user that they were visiting a trusted site.
osvdb.org/55162
secunia.com/advisories/35331
secunia.com/advisories/35415
secunia.com/advisories/35431
secunia.com/advisories/35439
secunia.com/advisories/35468
slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468
sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1
www.debian.org/security/2009/dsa-1820
www.mozilla.org/security/announce/2009/mfsa2009-25.html
www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.11
www.redhat.com/security/updates/classification/#critical
www.securityfocus.com/bid/35326
www.securityfocus.com/bid/35388
www.vupen.com/english/advisories/2009/1572
access.redhat.com/errata/RHSA-2009:1095
bugzilla.mozilla.org/show_bug.cgi?id=479413
bugzilla.redhat.com/show_bug.cgi?id=503573
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10436
rhn.redhat.com/errata/RHSA-2009-1095.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html
www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html