Fresh vulnerabilities have been found in several web browsers, including Safari, Internet Explorer 5.x, Camino 0.x and iCab 2.x for OS X; IE 6.x for Windows; and Opera 7.x and 8.x, Mozilla 1.7x and all version of Firefox on both platforms. The vulnerabilities relate to a dialog origin spoofing flaw, whereby JavaScript dialog boxes do not display or include their origin, which allows a new window to open a dialog box, which appears to be from a trusted site. Fixes have yet to be released. See here for more.