Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. A type-confusion bug in the JIT optiomizations involving the Javascript arguments object could confuse later optimization and result in arbitrary code execution...