Crash when using web workers with asm.js
- February 4, 2014
- Soeren Balko
- Firefox, Firefox ESR, SeaMonkey
- Fixed in
- Firefox 27
- Firefox ESR 24.4
- SeaMonkey 2.24
Soeren Balko reported a crash when
terminating a web worker running
asm.js code after passing an
object between threads. This crash is potentially exploitable.
In general this flaw cannot be exploited through email in the Thunderbird and Seamonkey products because scripting is disabled in mail, but is potentially a risk in browser or browser-like contexts.