Even the mighty Firefox is vulnerable to attack, and we see this today with Secunia's publication of a newly discovered security flaw in the popular browser. Affecting only the 2.0.x branch, this flaw could potentially be exploited by malicious users to compromise a machine. The Firefox URL function is one method of exploitation, and a simple posted fix is to disable that particular handler.
This flaw is interesting in that it can be carried across browsers, with bad data from IE resulting in compromise:
The flaw has been noted elsewhere. We'll likely see an update from Mozilla soon.