Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2009-28

Race condition while accessing the private data of a NPObject JS wrapper class object

June 11, 2009
Jakob Balle, Carsten Eiram
Fixed in
  • Firefox 3.0.11


Jakob Balle and Carsten Eiram of Secunia Research reported a race condition in NPObjWrapper_NewResolve when accessing the properties of a NPObject, a wrapped JSObject. Balle and Eiram demonstrated that this condition could be reached by navigating away from a web page during the loading of a Java applet. Under such conditions the Java object would be destroyed but later called into resulting in a free memory read. It might be possible for an attacker to write to the freed memory before it is reused and run arbitrary code on the victim's computer.

This vulnerability does not affect Firefox 2 nor other products built using the "Gecko 1.8" version of Mozilla code.


Disable Java until a version containing these fixes can be installed.