Secunia Research has discovered a vulnerability in Firefox, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a race condition when accessing the private data of an NPObject JS wrapper class object if navigating away from a web page while loading a Java applet. This can be exploited via a specially crafted web page to use already freed memory. Successful exploitation may allow execution of arbitrary code. Firefox versions 3.0.7, 3.0.8, and 3.0.9 for Windows with JRE 6 Update 13 are affected.
59a414dd2e58d6c33945c4e0a4203f55a583994a9ddb89946f7965278edcebe0