Mozilla security advisory (AV26-644)