Security Focus has published a vulnerability found on Firefox (all releases and platforms) causing a serious security flaw. An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious file using the affected browser.
Exploit code at the link iframes a little xml file with an xslt transform that causes a crash reliably on 3.0 branch and trunk (and presumably 1.9.1, didn’t test). Null, but it’s being called, assuming the worst for the moment. – extracted