Dholbert

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox version 3.6.7 **Description** The issue is related to the improper freeing of memory in the parameter array of a plugin instance, which can be exploited by remote attackers through a crafted HTML document. This is specifically tied to the DATA and SRC attributes of an OBJECT element, potentially leading to memory corruption or the execution of arbitrary code. **Recommendations** For Mozilla Firefox version 3.6.7, update to a version that properly addresses the memory freeing issue in the parameter array of plugin instances to prevent potential memory corruption or arbitrary code execution.

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 3.0.14 Mozilla Firefox versions 3.5.x prior to 3.5.2 Description: The issue affects the browser engine, allowing remote attackers to cause a denial of service, which includes memory corruption and application crash, or possibly execute arbitrary code. The exact vectors used for the attack are not specified. Recommendations: For versions prior to 3.0.14, update to version 3.0.14 or later. For versions 3.5.x prior to 3.5.2, update to version 3.5.2 or later.