The host is installed with Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13 or SeaMonkey before 2.0.11 and is prone to integer overflow vulnerability. A flaw is present in the NewIdArray function, which allows construction of an array containing a very large number of items causing an overflow of integer value that stores the buffer size. Successful exploitation could let remote attackers to execute arbitrary code by subsequent use of the array object that results in data being written past the end of the buffer causing memory corruption.