This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or otherwise render a malicious file.
The specific flaw exists within a particular XSLT transformation when applied to an XML document. If a large number of elements have this transformation applied to them, the application will misallocate a buffer. Upon usage of this buffer the application will copy more data than allocated thus causing an overflow. This can lead to code execution under the context of the application.