CVE-2011-2371 Information

Description

Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1 Thunderbird before 3.1.11 and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.

Reference

http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html http://secunia.com/advisories/45002 http://securityreason.com/securityalert/8472 http://support.avaya.com/css/P8/documents/100144854 http://support.avaya.com/css/P8/documents/100145333 http://www.debian.org/security/2011/dsa-2268 http://www.debian.org/security/2011/dsa-2269 http://www.debian.org/security/2011/dsa-2273 http://www.mandriva.com/security/advisories?name=MDVSA-2011:111 http://www.mozilla.org/security/announce/2011/mfsa2011-22.html http://www.redhat.com/support/errata/RHSA-2011-0885.html http://www.redhat.com/support/errata/RHSA-2011-0887.html http://www.redhat.com/support/errata/RHSA-2011-0888.html http://www.ubuntu.com/usn/USN-1149-1 https://bugzilla.mozilla.org/show_bug.cgi?id=664009 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A13987