Core Security Technologies Advisory - The DX Studio Player Firefox plug-in suffers from a command injection vulnerability.