By far, the majority of the defects reported were null pointer dereferences (446 defects). A large number of defects resulted from the code not checking for null after memory was allocated. In addition, there were many cases where the return value of functions designed to return null were not checked prior to dereferencing.
Some might see this as a strike against Firefox, but in fact it is exactly the opposite. Unlike a closed source browser such as IE, having the source available to the public makes this kind of exploration possible and may in fact encourage improvement. There's no word from the Firefox team just yet, though I'm sure they will look into the findings.