After performing some additional testing and parsing the feedback I've received from the list, it looks like only the following are affected: - Netscape 6.0 - 6.21 (Tested on Windows XP and RedHat 7.2) - Mozilla Build 2001090111 (Included with RedHat 7.2) And the following are not affected: - Mozilla 0.9.9 (Tested on RedHat 7.1, 7.2, and Debian) Not yet sure about at what version this changed. I'm hoping someone at Mozilla can confirm that it was truly fixed in 0.9.9 and not just inadvertantly changed where it could pop up somewhere else or under different circumstances. I don't see this being reported anywhere else (security focus lists), and can't seem to find any mention of it in any release notes for mozilla. If it has been fixed, it appears that it hasn't propogated to Netscape yet, and RedHat probably should include the newer version (as I'm sure they will) of the browser with future distributions.