This has just been posted to Bugtraq.
For now, you can test whether your version is vulnerable here (this will cause Firefox to close).
So far, Firefox 1.5.0.7 and 2.0 (Linux) have been tested, and both are vulnerable. Firefox 1.0.7 (Win32) is not vulnerable.
The code used on the test page and the one submitted to Bugtraq can be found here.
Severity: … not really
Update: This attack does not allow remote code execution! It has been posted on the mailing lists and several news sites.
Michael B says
2.0 on Mac OS X also died.
Richard says
Thank you for the test. My version 2 is vulnerable.
Jacob says
Firefox 2.0 /w NoScript didn’t crash.
Gouki says
Disabling Java and JavaScript is enough.