Security researcher Orlando Berrera of Sec Theory reported that recursive creation of JavaScript web-workers can be used to create a set of objects whose memory could be freed prior to their use. These conditions often result in a crash which could potentially be used by an attacker to run arbitrary code on a victim's computer.
Web Workers were introduced in Firefox 3.5 so this vulnerability did not affect earlier releases such as Firefox 3.
Vulmon