Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firefox | Mozilla | 3.6 (including) | 3.6 (including) |
| Firefox | Mozilla | 3.6.2 (including) | 3.6.2 (including) |
| Firefox | Mozilla | 3.6.3 (including) | 3.6.3 (including) |
| Firefox | Mozilla | 3.6.4 (including) | 3.6.4 (including) |
| Firefox | Mozilla | 3.6.6 (including) | 3.6.6 (including) |
| Firefox | Mozilla | 3.6.7 (including) | 3.6.7 (including) |
| Firefox | Mozilla | 3.6.8 (including) | 3.6.8 (including) |
| Firefox | Mozilla | 3.6.9 (including) | 3.6.9 (including) |
| Firefox | Mozilla | 3.6.10 (including) | 3.6.10 (including) |
| Firefox | Mozilla | 3.6.11 (including) | 3.6.11 (including) |
| Firefox | Mozilla | 3.6.12 (including) | 3.6.12 (including) |
| Firefox | Mozilla | 3.6.13 (including) | 3.6.13 (including) |
| Firefox | Mozilla | 3.6.14 (including) | 3.6.14 (including) |
| Firefox | Mozilla | 3.6.15 (including) | 3.6.15 (including) |
| Firefox | Mozilla | 3.6.16 (including) | 3.6.16 (including) |
| Firefox | Mozilla | 3.6.17 (including) | 3.6.17 (including) |
| Firefox | Mozilla | 3.6.18 (including) | 3.6.18 (including) |
| Firefox | Mozilla | 3.6.19 (including) | 3.6.19 (including) |
| Firefox | Mozilla | 3.6.20 (including) | 3.6.20 (including) |
| Firefox | Mozilla | 3.6.21 (including) | 3.6.21 (including) |
| Firefox | Mozilla | 3.6.22 (including) | 3.6.22 (including) |