The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird
before 3.1.6 does not properly handle XPCNativeWrappers during calls to the
loadSubScript method in an add-on, which makes it easier for remote
attackers to gain privileges via a crafted web site that leverages certain
unwrapping behavior, a related issue to CVE-2011-3004.
From the upstream advisory at https://www.mozilla.org/security/announce/2011/mfsa2011-46.html:
Mozilla security researcher moz_bug_r_a4 reported that the problem described in MFSA 2011-43 and fixed in Firefox 7 also affected Firefox 3.6: a malicious page could potentially exploit a Firefox user who had installed an add-on that used loadSubscript in vulnerable ways.
Mozilla team is not needed here.
This issue was resolved and addressed in
GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).