CVE-2012-1950
The drag-and-drop implementation in Mozilla Firefox 4.x through 13.0 and Firefox ESR 10.x before 10.0.6 allows remote attackers to spoof the address bar by canceling a page load.
Date published : 2012-07-18
http://www.mozilla.org/security/announce/2012/mfsa2012-43.html