There is an interesting vulnerability in the default behavior of Firefox built-in popup blocker. This vulnerability, coupled with an additional trick, allows the attacker to read arbitrary user-accessible files on the system, and thus steal some fairly sensitive information.

SecuriTeam (http://www.securiteam.com/securitynews/5JP051FKKE.html)