Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2010-81

Integer overflow vulnerability in NewIdArray

Announced
December 9, 2010
Reporter
regenrecht
Impact
Critical
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 3.5.16
  • Firefox 3.6.13
  • SeaMonkey 2.0.11

Description

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. The report demonstrated that an array could be constructed containing a very large number of items such that when memory was allocated to store the array items, the integer value used to calculate the buffer size would overflow resulting in too small a buffer being allocated. Subsequent use of the array object could then result in data being written past the end of the buffer and causing memory corruption.

References