You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2011-37

Mozilla Foundation Security Advisory 2011-37

Title: Integer underflow when using JavaScript RegExp
Impact: Critical
Announced: September 27, 2011
Reporter: Mark Kaplan
Products: Firefox 3.6

Fixed in: Firefox 3.6.23

Description

Mark Kaplan reported a potentially exploitable crash due to integer underflow when using a large JavaScript RegExp expression. We would also like to thank Mark for contributing the fix for this problem.

The Regular Expression engine was replaced in Firefox 4 and the newer engine does not suffer from this bug.

References