"Remote exploitation of a buffer overflow in the Mozilla Foundation's
libpr0n image processing library allows attackers to execute arbitrary
This has been fixed in the libpr0n libraries and pushed into Firefox
3.5.4. It is recommended that users upgrade to this version to avoid
If upgrade is not possible, users can disable automatically loading
images into their browser as a work around.
PS. I would be remiss if I didn't comment on the library's name. From
the developer's site, 'the name "imglib2" is boring.'