Public exploit · Metasploit Module

Mozilla Firefox Array.reduceRight() Integer Overflow

Published Rocco Calvi

Exploit summary

This module exploits a vulnerability in Mozilla Firefox 3.6. When an array object is configured with a large length value, the reduceRight() method may cause an invalid index being used, allowing arbitrary remote code execution.

Source & references