Computerworld News reports . “Computers running the Firefox Web browser could be open to remote attack as a result of a buffer overflow vulnerability reported today by a security researcher.”
In what sounds like a pretty irresponsible act, MozillaZine reports According to the News.com article, Ferris reported the flaw to the Mozilla Foundation on Sunday, in line with the Mozilla security bugs policy. However, he decided to make the vulnerability public “after a run-in with Mozilla staff”.
A description of how to disable the flaw is described in the article (also in the comments) and a patch will be forthcoming soon. Note that the flaw the same researcher reported to Microsoft last month (and did not disclose publicly) has still not been patched.