Endpoint Vulnerability

XMLHttpRequest crashes with some input streams

Description

Security researcher Joe Vennix from Rapid7 reported that passing a JavaScript object to XMLHttpRequest that mimics an input stream will a crash. This crash is not exploitable and can only be used for denial of service attacks.

Affected Products

SeaMonkey

References

CVE-2014-1590,