Title: Netscape JavaScript Regular Expression Denial Of Service Vulnerability
Severity: MODERATE
Description:
Netscape is a Web browser developed for a variety of platforms including Microsoft Windows and Linux and Unix variant operating environments.
It has been reported that Netscape based browsers may be vulnerable to a persistent denial of service condition when executing maliciously crafted JavaScript regular expression methods.
If a malicious page containing a specially crafted JavaScript regular expression method is viewed the browser reportedly becomes un-stable this may result in a critical failure of the affected browser. Specifically, by making a malformed split() function call, it is possible to trigger this Denial of Service condition.
This vulnerability was reported for Netscape version 7. It is not known if previous versions are also affected.
Affected Products:
- Netscape Navigator 7.0.0
References:
- Netscape: Netscape Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
