http://news.com.com/Hackers+claim+zero-day+flaw+in+Firefox/ 2100-1002_3-6121608.html
The open-source Firefox Web browser is critically flawed in the way it handles JavaScript, two hackers said Saturday afternoon.
here is the info from
mozilla dev center blog http://developer.mozilla.org/devnews/index.php/2006/10/02/ possible-vulnerability-reported-at-toorcon/
So far we’ve been able to reproduce a denial of service issue based on the information they gave during their talk. In some cases this causes a crash based on an out of memory error. Based on the information we have at this time we have not been able to confirm whether an attacker can achieve code execution.
-Window Snyder