Hi micky77,
This is a vulnerability that can be addressed remotely, but it has not been exploited as such, not yet!
re:
http://www.theregister.co.uk/2007/08/13/firefox_remote_leakage/But remember that the NoScript extension installed can secure you from former, this and future script holes and attacks. That is how strong this form of security is.
That is one. On the other hand you could decide to close your eyes for malicious JavaScript which can hide embedded on a website, so in that case you run certain risks with every browser you load up!
Being more secure is just an attitude, make your browser less vulnerable by searching with add-ons or search engines that warn you for websites with malicious code, you can use scandoo.com, you can use McAfeeSiteAdvisor or scan suspicious sites with DrWeb's av hyperlink checker to see if they are clean before you click the link.
Blacklists won't help you much, because malicious coders change their infectious sites all the time.
On the other hand you can forget about NoScript (you feel it is a nag, it slows you down, and hitting an infectious site is such a remote possibility for you, and then it will hit other people and not you), so you can also forget about real time scanning against sites that have malicious code (for more or less the same reasons, it is a nag, it slows your clicking tempo etc.),
but the situation on the Internet has changed to such an extent that that is a very, very, very unwise policy. Maybe you want to say after the American senator, who thinks that the Internet is "some system of tubes" and you can click on anything that is to be clicked on, right click and if that does not work left click, and if that does not give results you can also click it away, can't ye?
polonus