Mozilla · Firefox · CVE-2011-2998
**Name of the Vulnerable Software and Affected Versions**
Mozilla Firefox versions 3.6.x through 3.6.22
**Description**
The issue is caused by an integer underflow in JavaScript code containing a large RegExp expression, which allows remote attackers to cause a denial of service or possibly execute arbitrary code.
**Recommendations**
For Mozilla Firefox versions 3.6.x through 3.6.22, update to version 3.6.23 or later to resolve the issue.