According to Mozilla Foundation Security Advisory 2006-57:
...a regular expression that ends with a backslash inside an unterminated character set (e.g. "[\\") will cause the regular epression engine to read beyond the end of the buffer, possibly leading to a crash.
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition.
This issue was reported in Mozilla Foundation Security Advisory 2006-57. Mozilla credits Priit Laes, CanadianGuy, Girts Folkmanis, and Catalin Patulea for reporting this issue.
This document was written by Chris Taschner.
|Date First Published:||2006-09-20|
|Date Last Updated:||2006-10-02 13:53 UTC|