The host is missing a critical security update according to Mozilla advisory, MFSA2014-91. A flaw is present in the applications which fails to properly handle a Chrome Object Wrapper. Successful exploitation allows remote attackers to bypass intended DOM object restrictions via a call to an unspecified method.