Comment 0 for bug 16231

Tres Seaver (tseaver) wrote :

Firefox and the Mozilla Suite support custom "favicons" through the <LINK
rel="icon"> tag. If a link tag is added to the page programmatically and a
javascript: URL is used, then script will run with elevated privileges and could
run or install malicious software.

Workaround: Disable javascript.

Fixed in: Firefox 1.0.3 / Mozilla Suite 1.7.7

References:

 - http://www.mikx.de/firelinking/

 - https://bugzilla.mozilla.org/show_bug.cgi?id=290036