• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Mozilla Firefox Document.Cookie Path Argument Denial of Service Vulnerability

Severity: MODERATE

Description:

Mozilla Firefox is prone to a remote denial-of-service vulnerability.

Specifically, this issue occurs when Firefox processes malicious cookie data. An attacker may generate malformed cookie field data containing an overly large sequence of 'x09' characters to be written into the 'cookies.txt' file on a victim's computer. Attacker-supplied tab data can be inserted into the victim's 'cookie.txt' file, corrupting the formatting of the tab-delimited file and allowing the attacker to put arbitrary data into unexpected fields. When Firefox is restarted, the vulnerability is triggered.

Little is known regarding this vulnerability; this BID will be updated when more information is disclosed.

An attacker may exploit this vulnerability to cause Mozilla Firefox to crash, resulting in denial-of-service conditions.

Mozilla Firefox 2.0.0.2 is prone to this issue; other versions may also be affected.

Attackers may be able to bypass cookie domain and path restrictions, but this has not been confirmed.

Affected Products:

• HP HP-UX B.11.11
• HP HP-UX B.11.23
• Mozilla Firefox 2.0.0.2
• RedHat Advanced Workstation for the Itanium Processor 2.1.0
• RedHat Desktop 3.0.0
• RedHat Desktop 4.0.0
• RedHat Enterprise Linux 5 server
• RedHat Enterprise Linux AS 2.1
• RedHat Enterprise Linux AS 2.1 IA64
• RedHat Enterprise Linux AS 3
• RedHat Enterprise Linux AS 4
• RedHat Enterprise Linux Desktop 5 client
• RedHat Enterprise Linux Desktop Workstation 5 client
• RedHat Enterprise Linux Desktop version 4
• RedHat Enterprise Linux ES 2.1
• RedHat Enterprise Linux ES 2.1 IA64
• RedHat Enterprise Linux ES 3
• RedHat Enterprise Linux ES 4
• RedHat Enterprise Linux Optional Productivity Application 5 server
• RedHat Enterprise Linux WS 2.1
• RedHat Enterprise Linux WS 2.1 IA64
• RedHat Enterprise Linux WS 3
• RedHat Enterprise Linux WS 4

References:

• Bugzilla: Bugzilla Bug ID 373228
• HP: HPSBUX02153 SSRT061181 rev.5 - HP-UX Running Firefox, Remote Unauthorized Access
• Mozilla: Known Vulnerabilities in Mozilla
• Mozilla Foundation: Mozilla Homepage
• RedHat: RHSA-2007:0400-3 - firefox security update
• RedHat: RHSA-2007:0401-2 - thunderbird security update
• RedHat: RHSA-2007:0402-4 - seamonkey security update

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.