Cenzic CTO Lars Ewe believes the large number of vulnerabilities in Firefox is a result of the large exposure of Firefox and the way the browser handles plug-ins. However, he also added that the large number of vulnerabilities doesn't necessarily mean that Firefox users were more vulnerable.
Ewe said that Cenzic looked at all reported vulnerabilities. There is no specific differentiation for zero day bugs in the browser vulnerability count either. All that raises the question of how Cenzic actually came up with their vulnerability counts in the first place.More info at InternetNews.
"The process that we follow is looking at a number of different vulnerability databases and sources that we have and trying to come up with a fair percentage based on the deviations we see between the databases," Ewe said. "You could make the argument, that's its 40 percent or 42 percent and there might be some variation on how you analyze it, but certainly it's not off by 20 percent."