Secunia released a listing of bugs that affects a variety of tabbed browsers. Check out their site to see the POC in action. I can see a variety of phishes coming out of this along with other potentials (e.g., have a link to AO and use the option to popup a "log in" javascript box).