Security hole hits Firefox

Firefox is vulnerable to a buffer overflow attack that is deemed 'highly critical'.

Tom Ferris, a security expert, discovered the flaw. It affects all versions of the open source browser up to 1.0.6, as well as the beta for Firefox 1.5.

The vulnerability allows an attacker to remotely execute code on a compromised system through a buffer overflow attack.

Mozilla has published a patch that protects the browser against sites seeking to exploit the flaw, and has posted instructions for a manual workaround.