Another Mozilla hand suggested that the Mac OS X bug may affect other browsers as well. "Chances are more applications use the same buggy API (Safari? Chrome?)," Andreas Gal said. Gal, a project scientist at the University of California-Irvine, was a key contributor to the that Mozilla added to Firefox with Version 3.5.

Just last Thursday, for the first time, issuing a fix for a critical vulnerability in TraceMonkey's just-in-time (JIT) compiler. In the run-up to creating a fix for that flaw, Mozilla developers speculated that the hacker had dug through Bugzilla to find information that helped him exploit the vulnerability.

Mozilla repeated the charge in the entry for the newest bug. "Sam and Reed think that someone might be trawling Bugzilla in order to develop exploits," said Mike Beltzner, the director of Firefox, in a comment added to the Bugzilla thread. "Not sure what to do about that." The same hacker who posted exploit code last week was one of two who claimed to have created the newest attack code.

Gal declined to suggest solutions about hacker trawling. "I am not comfortable talking about what goes wrong and why since that might reveal other, potentially even more severe problems in some cases," he said.

There is as yet no fix for the crash bug now being investigated.