The host is installed with Mozilla Firefox before 36.0 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle a crafted JavaScript code that makes an XMLHttpRequest call with zero bytes of data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.