Zero-day flaw found in Firefox 3.5
The critical vulnerability in the two-week-old version of the browser opens users up to drive-by attacks, Mozilla has warned.
The hole could allow a hacker to launch a "drive-by" attack, according to Mozilla. That means an attacker may be able to execute malicious code on a target machine, if the victim visits a Web site containing an exploit.
The JIT compiler is part of TraceMonkey, which was added to Firefox for its 3.5 update. TraceMonkey is meant to optimise the browser, which is faster than previous iterations of Firefox, according to Mozilla.
Tom Espiner of ZDNet UK reported from London.