US-CERT is aware of reports of a vulnerability affecting Mozilla Firefox 3.5. This vulnerability is due to an error in the way JavaScript code is processed. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Additionally, exploit code is publicly available for this vulnerability.

US-CERT encourages users and administrators to disable JavaScript as outlined in the Securing Your Web Browser document to help mitigate the risks associated with this vulnerability.

US-CERT will provide additional information as it becomes available.

Read more: US-CERT Current Activity