Firefox (both 3.6.8 and 4.0betas) come with 149 root certificates instead of 124.
While IE shows that it has only a dozen root certificates, this is not what's really going on. Try to connect to a secure website that is not vouched for by those 16 IE root certificates; you will notice that the secure website is accepted. The really number of root certificates in IE is well over 250.
What I would like to see in Firefox is a facility to log when certificates are accessed and allow to control their use. For now there is a Firefox addon called Certificate Watch (CertWatch) at https://addons.mozilla.org/en-US/firefox/addon/155126/ that logs when root and website certificates are accessed and notifies when new certificates are found. Without logging the use of certificates it will not be possible to provide a facility to detect attacks.
You can export all Firefox certificates in one go with the addon Export All Certificates, https://addons.mozilla.org/en-US/firefox/addon/141504/
Without this addon, you need to specify the name for each of the 149 root certificates if you want to save them in the traditional way.