Referenencing the firefox thread that was going on earlier, I ran across this article:

that concludes " It appears that the overall quality of code, and more importantly, the
  amount of QA, on various browsers touted as "secure", is not up to par
  with MSIE; the type of a test I performed requires no human interaction
  and involves nearly no effort. Only MSIE appears to be able to
  consistently handle \[*\] malformed input well, suggesting this is the
  only program that underwent rudimentary security QA testing with a
  similar fuzz utility."