ryujin -AT- offensive-security.com
Thx to dookie for helping ;)
http://www.mozilla.org/security/announce/2011/mfsa2011-22.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2371
DEP / ASLR bypassing through JAVA MSVCR71 sayonara rop chain
Tested on Windows 7 Ultimate / firefox 3.6.16 and 3.6.17

You need a Java-enabled browser to pwn this.