There are various vulnerabilities in Firefox 1.x and 2.0.x which can lead to cross site scripting, remote system access, and various other attacks.
You can see details at the Mitre CVE site.
A reminder, you can find the original CVEs by inserting the correct number in:
The only real fix is to make certain you have updated to versiion 22.214.171.124 or 126.96.36.199 or later.
If you have automatic update on, the fixed versions have probably already been installed. One problem is that even with automatic update, you may need to confirm installation and restart of Firefox even if the new version has been automatically downloaded.