It only took five hours after the release of Firefox 3.0 for researchers to find a vulnerability in the new browser. Tipping Point has verified the bug and reported it to Mozilla, owner of the Firefox browser on Wednesday.
The details on the problem have not been shared and will not until a fix has been made. Mozilla is working on the bug which Tipping Point classified as a high severity. Most will not be affected as they would have to click on a link in an e-mail or visit a malicious Web page to be affected. The issue also affects those using Firefox 2.0 as well.
As soon as the problem is fixed Tipping Point will publish an advisory about it on its site.
Tipping Point discovered the bug through its Zero Day Initiative. The program earns cash for researchers who submit new vulnerabilities to the company. When Tipping Point validates the problem it pays the person for that information and notifies the software vendor of the details.