The two researchers--college student and Six Apart developer Mischa Spiegelmock and hacker Andrew "Wbeelsoi" who also uses the handle "Weev"--appeared to demonstrate a remotely exploitable flaw in the Javascript implementation of the Mozilla Firefox browser during their Saturday presentation. However, the duo have not been able to actually get the vulnerability to result in control of a computer, Spiegelmock said in a statement posted to the Mozilla developer blog.
http://www.securityfocus.com/news/11416