VYPR
Unrated severityNVD Advisory· Published Sep 30, 2011· Updated Jun 16, 2026

CVE-2011-2998

CVE-2011-2998

Description

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22
  • cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*+ 21 more
    • cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.20:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.21:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.22:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*
    • (no CPE)range: >=3.6 <3.6.23

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.