I was just looking at the IE vulnerabilities vis-a-vis Firefox compiled by Secunia. Before going further you have to understand that IE has been much longer than Firefox and hence have been more extensively looked at for vulnerabilities.

As an aside I sometimes wonder if there is an initiation ritual for crackers where they have to find a new IE vulnerability to qualify as club members :)

Having said that lets look at some pictures.
Internet Explorer Security Vulnerabilities
The trend seems to be rising somewhat from the above graph.

Now lets see how actively they are being fixed:
Internet Explorer Vulnerability Resolution Status
As you can see there are 34 % unpatched defects with 11 % partial fix.

Overall there are 15 % extremely critical and 30 % highly critical defects.
Criticality of defects in Internet Explorer

Interestingly 98% of the defects can be exploited remotely.
Reote exploitability of IE defects

In contrast Firefox doesn't even have a graph to show :(
Instead I quote from the website:

The Secunia database currently contains 0 Secunia advisories marked as "Unpatched", which affects Mozilla Firefox 1.x.