There're at least a couple of potential answers to this:
1) MSIE is integrated directly with the Windows OS and has things like ActiveX that can do things to the OS. Mozilla and other browsers are not integrated with the OS, and so there's less of a chance that they can actually exploit vulnerabilities within it. This is probably part of the answer.
2) MSIE is simply a poorly written piece of software. Without seeing the code, no one knows if this is the case or not. I personally doubt this, but you never know...
3) Mozilla and friends are just as buggy as MSIE, but they have comprised such a small share of the browser market (this is changing) that the exploit writers haven't bothered to go through them looking for holes to exploit.
Bear in mind, there have been arbitrary code vulnerabilities found recently in Mozilla, so it's not totally secure. I think that it not being integrated with the OS makes it more secure in that it can't play directly with the OS. This is cold comfort, though, if there's an arbitrary code vulnerability that allows an attacker to do rm -rf * in your home directory.
Of course, the really paranoid can create a user account just for running their browser, and then run it from a chroot jail.