The main purpose of our talk was to be humorous.
... As part of our talk we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this ... I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim. I have no undisclosed Firefox vulnerabilities ...
Hopefully he is honestly. Window Snyder commented on this message:
Even though Mischa hasn't been able to achieve code execution, we still take this issue seriously. We will continue to investigate.