A "Highly Critical" vulnerability has been discovered in Firefox 3.5. The vulnerability is in the way Firefox handles JacaScript code. At this time there is not vendor patch but there is a band aid.
Open your about.config file in Firefox and find the line titled "javascript.options.jit.content". Set the value to "false". I also found on another blog that you may want the ensure that the value "javascript.options.jit.chrome" is also set to "false".
Secunia.com
Mozilla Security Blog
Update 7/21/2009
Fix (LINK)
Posted by
Mike Wright
