The host is missing a security update according to MFSA 2012-99. The update is required to fix security bypass vulnerability. A flaw is present in the applications, which fail to consider the compartment during property filtering. Successful exploitation allows remote attackers to bypass intended chrome-only restrictions on reading DOM object properties via a crafted web site.