Endpoint Vulnerability

Calling scope for new Javascript objects can lead to memory corruption

Description

Mozilla community member Ms2ger found a mechanism where a new Javascript object with a compartment is uninitialized could be entered through web content. When the scope for this object is called, it leads to a potentially exploitable crash.

Affected Products

SeaMonkey

References

CVE-2013-1725,