firefox is vulnerable to arbitrary code execution. A flaw was found in the way Firefox handled malformed JavaScript. A web page containing malicious JavaScript could cause Firefox to access already freed memory, causing Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
lists.opensuse.org/opensuse-security-announce/2011-08/msg00023.html
lists.opensuse.org/opensuse-security-announce/2011-08/msg00027.html
www.debian.org/security/2011/dsa-2295
www.debian.org/security/2011/dsa-2296
www.debian.org/security/2011/dsa-2297
www.mandriva.com/security/advisories?name=MDVSA-2011:127
www.mozilla.org/security/announce/2011/mfsa2011-30.html
www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.20
www.redhat.com/support/errata/RHSA-2011-1164.html
www.redhat.com/support/errata/RHSA-2011-1165.html
www.redhat.com/support/errata/RHSA-2011-1167.html
www.securitytracker.com/id?1025940
access.redhat.com/errata/RHSA-2011:1164
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=626297
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14272