Intrusion Prevention

Web.Browser.Infinite.Array.Sort.DoS

Description

This indicates a possible exploit of a Denial of Service vulnerability in the Web browser of Multiple vendors.
A vulnerability is reported in the web browser of multiple vendors that may allow an attacker to crash web browser by consuming stack memory. Browsers fail to handle exceptional condition in running Java script, which creates nested arrays and sorts them repeatedly. An attacker may plant a web page containing malicious Java script and persuade a victim to visit the webpage by sending it as HTML email or URL link. It is reported that it can only be exploited to crash the browser and can not be exploited to execute arbitrary code.

Affected Products

Microsoft Internet Explorer 6.0 Sp1 and SP2
Mozilla Firefox 0.8, 0.9.x and 0.10.x
Apple Safari Web Browser
Mozilla Browser Beta2, 1.0, 1.1, 1.2.x
Mozilla Camino 0.7.0 and 0.8
Opera Web Browser 5.x, 6.x and 7.x
Netscape Navigator 7.2

Impact

Denial of Service.

Recommended Actions

Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.