10

CVE-2011-2998

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version3.6
MozillaFirefox Version3.6.2
MozillaFirefox Version3.6.3
MozillaFirefox Version3.6.4
MozillaFirefox Version3.6.6
MozillaFirefox Version3.6.7
MozillaFirefox Version3.6.8
MozillaFirefox Version3.6.9
MozillaFirefox Version3.6.10
MozillaFirefox Version3.6.11
MozillaFirefox Version3.6.12
MozillaFirefox Version3.6.13
MozillaFirefox Version3.6.14
MozillaFirefox Version3.6.15
MozillaFirefox Version3.6.16
MozillaFirefox Version3.6.17
MozillaFirefox Version3.6.18
MozillaFirefox Version3.6.19
MozillaFirefox Version3.6.20
MozillaFirefox Version3.6.21
MozillaFirefox Version3.6.22
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.37% 0.916
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00020.html
http://www.debian.org/security/2011/dsa-2312
http://www.debian.org/security/2011/dsa-2313
http://www.debian.org/security/2011/dsa-2317
http://www.mandriva.com/security/advisories?name=MDVSA-2011:139
http://www.mandriva.com/security/advisories?name=MDVSA-2011:140
http://www.mandriva.com/security/advisories?name=MDVSA-2011:141
http://www.redhat.com/support/errata/RHSA-2011-1341.html
http://www.mozilla.org/security/announce/2011/mfsa2011-37.html
Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=684815
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14012