CVE-2008-5913 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5913): An unspecified function in the JavaScript implementation in Mozilla Firefox creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Nothing for mozilla team to do here.
Fixed with the stabilization of www-client/mozilla-firefox{,-bin}-3.6.4 in bug 324735 (with an additional variant of the vulnerability identified as CVE-2010-3171). Added to existing GLSA request.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).