Firefox 3.5.1 update is released to patch security vulnerability in the browser’s TraceMonkey JavaScript engine. The update tends to deny exploitation of malicious website to this critical security vulnerability.
The bug was first reported on July 9, Mozilla tracking system acknowledge Firefox user ‘zbyte’. The user described a bug that causes the browser to crash when he tries to input a text into an input box in the site apport.ru.
Firefox development team discovered that the bug is due to string encoding that uses JavaScript ‘escape’ function. They have used several test cases that exhibit the crash and determined that the problem is a tracing defect.
Read ArsTechnica