Fyi, Mozilla just release a SA for firefox , thunderbird and seamonkey [1] affecting the current versions in ports. The CVE record seems to be under validation. [1] http://www.mozilla.org/security/announce/2010/mfsa2010-71.html regards Rodrigo