The exploit could allow a malicious user to execute arbitrary code on a remote system and is rated highly critical by Secunia.
“The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be exploited to execute arbitrary code when a user e.g. visits a specially crafted web page and closes opened pop-up windows” says the Secunia security advisory.
The vulnerability affects both Mac OS X and Windows versions of the browser. Apple is yet to release an update to close the flaw.