Security Vulnerabilities fixed in SeaMonkey mfsa2015-65-2
Description
Security researcher Looben Yang used the Address Sanitizer tool to discover two related use-after-free vulnerabilities that occur when using XMLHttpRequest in concert with either shared or dedicated workers. These errors occur when the XMLHttpRequest object is attached to a worker but that object is incorrectly deleted while still in use. This results in exploitable crashes.
Affected Applications
SeaMonkey