The host is installed with Mozilla Firefox before 34.0 or SeaMonkey before 2.31 and is prone to an unspecified vulnerability. A flaw is present in the applications which fails to properly interact with XrayWrapper property filtering. Successful exploitation allows remote attackers to bypass intended DOM object restrictions by leveraging property availability after XrayWrapper removal.