After further investigation, the severity of the chrome protocol directory traversal vulnerability disclosed last week has been raised from low to high by Mozilla Security.

The flaw, that affects some 600+ add-ons that are distributed as expanded files and folders instead of packed in a .jar file, could allow a malicious site to get access to user files in known locations.

A fix has already been issued and will be pushed to users with the next Firefox update, 2.0.0.12, due for late next week. In the meantime, I suggest disabling at least your less frequently used extensions and switch back to the default theme until the update is available.