This vulnerability, coupled with an additional trick, allows the attacker to read arbitrary user-accessible files on the system, and thus steal some fairly sensitive information.
Vulnerable Systems: Firefox version 1.5.0.9
For security reasons, Firefox does not allow Internet-originating websites to access the file:// namespace. When the user chooses to manually allow a blocked popup however, normal URL permission checks are bypassed. The attacker may fool the browser to parse a chosen HTML document stored on the local filesystem, and because Firefox security manager treats all file:/// URLs as having “same origin”, such a document could read other local files at its discretion with the use of XMLHttpRequest, and relay that information to a remote server.
For protect your PC, upgrade Firefox to Firefox 2.0
Read more: Firefox Popup Blocker Allows Reading Arbitrary Local Files
