Firefox 安全通告

睡醒就看到 CERT 的安全通告：Mozilla Firefox fails to properly handle JavaScript onUnload events：

By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user.

沒事不要亂逛網站… :o