CVE-2011-2998

CVSS v2.0 10 (High)

EPSS 10.63 % (95^th)

Affected Products 1

Advisories 5

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.

Weaknesses

CWE-189: Numeric Errors

Related CVEs

CVE-2011-3867

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2011-09-30 10:55:03
(13 years ago)
Updated Date: 2017-09-19 01:33:30
(7 years ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox 3.6	cpe:2.3:a:mozilla:firefox:3.6
	Mozilla Firefox 3.6.2	cpe:2.3:a:mozilla:firefox:3.6.2
	Mozilla Firefox 3.6.3	cpe:2.3:a:mozilla:firefox:3.6.3
	Mozilla Firefox 3.6.4	cpe:2.3:a:mozilla:firefox:3.6.4
	Mozilla Firefox 3.6.6	cpe:2.3:a:mozilla:firefox:3.6.6
	Mozilla Firefox 3.6.7	cpe:2.3:a:mozilla:firefox:3.6.7
	Mozilla Firefox 3.6.8	cpe:2.3:a:mozilla:firefox:3.6.8
	Mozilla Firefox 3.6.9	cpe:2.3:a:mozilla:firefox:3.6.9
	Mozilla Firefox 3.6.10	cpe:2.3:a:mozilla:firefox:3.6.10
	Mozilla Firefox 3.6.11	cpe:2.3:a:mozilla:firefox:3.6.11
	Mozilla Firefox 3.6.12	cpe:2.3:a:mozilla:firefox:3.6.12
	Mozilla Firefox 3.6.13	cpe:2.3:a:mozilla:firefox:3.6.13
	Mozilla Firefox 3.6.14	cpe:2.3:a:mozilla:firefox:3.6.14
	Mozilla Firefox 3.6.15	cpe:2.3:a:mozilla:firefox:3.6.15
	Mozilla Firefox 3.6.16	cpe:2.3:a:mozilla:firefox:3.6.16
	Mozilla Firefox 3.6.17	cpe:2.3:a:mozilla:firefox:3.6.17
	Mozilla Firefox 3.6.18	cpe:2.3:a:mozilla:firefox:3.6.18
	Mozilla Firefox 3.6.19	cpe:2.3:a:mozilla:firefox:3.6.19
	Mozilla Firefox 3.6.20	cpe:2.3:a:mozilla:firefox:3.6.20
	Mozilla Firefox 3.6.21	cpe:2.3:a:mozilla:firefox:3.6.21
	Mozilla Firefox 3.6.22	cpe:2.3:a:mozilla:firefox:3.6.22