Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2011-2998

Published: 30/09/2011 Updated: 19/09/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Firefox

Vulnerability Summary

Integer underflow in Mozilla Firefox 3.6.x prior to 3.6.23 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla firefox 3.6

mozilla firefox 3.6.10

mozilla firefox 3.6.11

mozilla firefox 3.6.18

mozilla firefox 3.6.19

mozilla firefox 3.6.8

mozilla firefox 3.6.9

mozilla firefox 3.6.16

mozilla firefox 3.6.17

mozilla firefox 3.6.2

mozilla firefox 3.6.3

mozilla firefox 3.6.4

mozilla firefox 3.6.12

mozilla firefox 3.6.13

mozilla firefox 3.6.20

mozilla firefox 3.6.21

mozilla firefox 3.6.6

mozilla firefox 3.6.7

mozilla firefox 3.6.14

mozilla firefox 3.6.15

mozilla firefox 3.6.22

Vendor Advisories

Debian Security Advisories: DSA-2313-1 iceweasel -- several vulnerabilities
Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-2372 Mariusz Mlynski discovered that websites could open a download dialog — which has open as the default action —, while a user presses the ENTER key CVE-2011-2995 Benjamin Smedberg, Bob Clary and Jesse Ruderman discovered crashes ...
Debian Security Advisories: DSA-2312-1 iceape -- several vulnerabilities
Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2011-2372 Mariusz Mlynski discovered that websites could open a download dialog — which has open as the default action —, while a user presses the ENTER key CVE-2011-2995 Benjamin Smedberg, Bob Clary and Jesse Ruderman di ...
Mozilla: Integer underflow when using JavaScript RegExp
Mozilla Foundation Security Advisory 2011-37 Integer underflow when using JavaScript RegExp Announced September 27, 2011 Reporter Mark Kaplan Impact Critical Products Firefox Fixed in ...

References

CWE-189http://www.mozilla.org/security/announce/2011/mfsa2011-37.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=684815http://www.debian.org/security/2011/dsa-2312http://www.redhat.com/support/errata/RHSA-2011-1341.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:139http://www.debian.org/security/2011/dsa-2313http://www.debian.org/security/2011/dsa-2317http://www.mandriva.com/security/advisories?name=MDVSA-2011:140http://www.mandriva.com/security/advisories?name=MDVSA-2011:141http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14012https://nvd.nist.govhttps://www.debian.org/security/./dsa-2313
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook