Mozilla Firefox RegExp Remote Integer Underflow Vulnerability

Mozilla Firefox is prone to a remote integer-underflow vulnerability because it fails to sufficiently validate an integer value.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed attempts may trigger a denial-of-service condition.

Mozilla Firefox versions prior to 3.6.23 are vulnerable.

NOTE: This issue was previously covered in BID 49800 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-36 through -45 Multiple Vulnerabilities) but has been assigned its own record for better documentation.


Privacy Statement
Copyright 2010, SecurityFocus