Security firm Secunia are warning of a zero-day securty exploit which has been discovered in Firefox 3.5 allowing a milicious site to execute arbituary code.
“The vulnerability is caused due to an error when processing JavaScript code handling e.g. ‘font’ HTML tags and can be exploited to cause a memory corruption” said a spokesperson from Secunia.
No word from Mozilla on a fix yet, but Firefox 3.5.1 will likely be released in the coming days to address the issue.