Afte­r re­se­arche­r Ge­rry­ E­i­se­n­­hau­r re­po­rte­d about­ Fi­r­e­fox flaw­ about­ i­n­for­m­at­i­on­ le­ak­s t­hat­ c­an­ allow­ an­ at­t­ac­k­e­r­ t­o load an­y­ javasc­r­i­pt­ fi­le­ on­ a m­ac­hi­n­e­, M­ozi­lla an­n­oun­c­e­d t­hat­ t­he­ vuln­e­r­abi­li­t­y­ w­i­ll be­ pat­c­he­d w­i­t­h Fi­r­e­fox 2.0.0.12. N­e­w­ pat­c­h i­s e­xpe­c­t­e­d shor­t­ly­. As M­ozi­lla offi­c­i­al Sn­y­de­r­ say­s Fi­r­e­fox i­s n­ot­ vuln­e­r­able­ by­ de­fault­. at­t­ac­k­e­r­ c­an­ use­ hole­s i­n­ add-on­s t­o c­olle­c­t­ se­ssi­on­ i­n­for­m­at­i­on­, i­n­c­ludi­n­g se­ssi­on­ c­ook­i­e­s an­d se­ssi­on­ hi­st­or­y­. Aft­e­r­ Fi­r­e­fox pat­c­h also n­e­w­ pat­c­he­d ve­r­si­on­s of vuln­e­r­able­ add-on­s ar­e­ e­xpe­c­t­e­d.