Mozilla security researcher moz_bug_r_a4 reported a
arbitrary code execution attack using a javascript:
URL. The Gecko
engine features a JavaScript sandbox utility that allows the browser or add-ons
to safely execute script in the context of a web page. In certain cases,
javascript:
URLs are executed in such a sandbox with insufficient
context that can allow those scripts to escape from the sandbox and run with
elevated privilege. This can lead to arbitrary code execution.