The problem - explained in some depth on the Milw0rm security exploit portal - means that hackers could compromise a website and then infect visitors to the page who use Firefox.
The cause of the security flaw in Firefox appears to be a buffer overflow when processing font tags that have been customised, Infosecurity understands.
Mozilla has been notified of the security problem and is expected to bring out a patch shortly.
Infosecurity suggests that Firefox users should either disable Javascript on their browsers or - if they want to visit sites with Javascript features using Firefox - install the IE Tab add-in.
The IE Tab add-in - coded by Taiwanese programmer Hong Jen Yee - allows Internet Explorer's rendering engine to be loaded within Firefox and so prevent the native Javascript flaw from causing problems.
The add-in is also useful, Infosecurity notes, for accessing sites using Firefox that normally only work with Internet Explorer.