Mozilla Firefox is prone to a remote code-execution vulnerability.
Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed attempts will likely result in denial-of-service conditions.
The issue affects Firefox 3.5; other versions may also be vulnerable.
NOTE: Remote code execution was confirmed in Firefox 3.5 running on Microsoft Windows XP SP2. A crash was observed in Firefox 3.5 on Windows XP SP3.