PT-2024-40550 · Mozilla · SeaMonkey

Published: 2024-11-28 · Updated: 2024-11-28

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: SeaMonkey versions prior to 2.53.19
Description: The issue is related to a security vulnerability in SeaMonkey. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the use of nsIStandardURL::Init and the OfflineAppCacheHelper.jsm copy. The view-image feature can open a data: URI by setting a flag on the loadinfo. The Save-link-as feature should use the loading principal and context menu using nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD.
Recommendations: For versions prior to 2.53.19, update to SeaMonkey 2.53.19 to resolve the issue. As a temporary workaround, consider disabling the use of nsIStandardURL::Init and the OfflineAppCacheHelper.jsm copy until a patch is available. Restrict access to the view-image feature to minimize the risk of exploitation. Avoid using the Save-link-as feature with the loading principal and context menu until the issue is resolved.

Related Identifiers

OPENSUSE-SU-2024:0381-1

Affected Products

SeaMonkey