Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Integer underflow when using JavaScript RegExp

Related Vulnerabilities: CVE-2011-2998  

Source

Mozilla Foundation Security Advisory 2011-37

Integer underflow when using JavaScript RegExp

Announced
September 27, 2011
Reporter
Mark Kaplan
Impact
Critical
Products
Firefox
Fixed in
  • Firefox 3.6.23

Description

Mark Kaplan reported a potentially exploitable crash due to integer underflow when using a large JavaScript RegExp expression. We would also like to thank Mark for contributing the fix for this problem.

The Regular Expression engine was replaced in Firefox 4 and the newer engine does not suffer from this bug.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started