A look at recent FireFox 3 vulnerabliities...Heads up
True to form, Billy Rios promised a more in depth look at the MSFA2008-35 vulnerability which is another protocol handler flaw in Firefox 3. As previously reported here, this was another protocol handler flaw that led to arbitrary remote command execution, and is especially dangerous since it can be deployed widely through the use of a cross-site scripting attack vector. Note, Firefox3 no longer registers the Gopher protocol handler, which is a great security decision.
Site Link - ZDNet