Google Blogoscoped

Severe XSS issues related to JAR: protocol flaw reported on Google.com

Juha-Matti Laurio [PersonRank 10]

Monday, November 12, 2007

A new, unpatched JAR: protocol vulnerability, originally reported in Firefox 2.0.0.9 and word processor applications, affects Google too.
Web sites using so-called open redirects are vulnerable.

The vulnerability was reported by Petko D Petkov (aka pdp), familiar with Acrobat and Gmail vulnerabilities etc.

Severe XSS in Google and Others due to JAR protocol issues:
http://www.gnucitizen.org/blog/severe-xss-in-google-and-others-due-to-the-jar-protocol-issues

The following Beford.org blog entry demonstrates the issue (spaces added to prevent hyperlink):

http://beford.org/stuff/jarjarbinks . htm

redirecting to a jar:http://groups . google . com/searchhistory... type URL.

Background information –
The JAR vulnerability entry from 7th Nov:
http://www.gnucitizen.org/blog/web-mayhem-firefoxs-jar-protocol-issues

Vulnerabilities on Google's domain were reported during the weekend.

When testing the link mentioned (FF on Mac), Google is still vulnerable.
I confirmed on Saturday (UTC) that the Google security team is aware.

Juha-Matti Laurio [PersonRank 10]

16 years ago #

Mozilla has shared information about the upcoming Firefox 2.0.10 patch here:
http://blog.mozilla.com/security/2007/11/16/jar-protocol-xss-security-issues/

Juha-Matti Laurio [PersonRank 10]

16 years ago #

It appears that the "jarjarbinks.htm" Proof-of-Concept type link listed at
http://blog.beford.org/?p=8

doesn't work any more. Probably Google has fixed the vulnerability now?

It didn't work on Wednesday 14th Oct when I tested it, but I forgot to make a forum post :(

Juha-Matti Laurio [PersonRank 10]

16 years ago #

Ooops, when tested on Wednesday 14th _Nov_ – this week!

Juha-Matti Laurio [PersonRank 10]

16 years ago #

Updated information, delivered to me by the author of the Beford blog:

When entering the "jarjarbinks.htm" link manually into the browser (i.e. Copy Link Location with the right mouse button), the link still works.
It appears that after two weeks Google hasn't fixed this yet!

[link mentioned in previous posts]

Juha-Matti Laurio [PersonRank 10]

16 years ago #

And new Firefox 2.0.0.10 includes a fix now:
http://www.mozilla.org/security/announce/2007/mfsa2007-37.html
