US-CERT is aware of reports of a vulnerability in Mozilla Firefox that may allow directory traversal within the chrome protocol scheme. This vulnerability could lead to information disclosure and affects users that have certain "flat" packaged add-ons installed. 

US-CERT encourages users to:

• Review the Mozilla Security Blog referencing this issue
• Consider following the best security practices found in the Securing Your Web Browser Document to help mitigate the risks