The vulnerability is caused due to an error in the JavaScript engine, as a "lambda" replace exposes arbitrary amounts of heap memory after the end of a JavaScript string.

Successful exploitation may disclose sensitive information in memory.

Heard this before?
Solution: Disable Javascript

<added>Mozilla Suite has the same Problem
[secunia.com...]
</added>