HTTP: Mozilla Firefox WOFF Font Processing Integer Overflow

This signature detects attempts to exploit a known code execution vulnerability in Mozilla Firefox. The vulnerability is due to an integer overflow error in a font decompression routine within the Web Open Font Format (WOFF) decoder. A remote attacker can exploit it to execute arbitrary code on the target machine by enticing a user to open a maliciously crafted WOFF file. In a successful attack, the behavior of the target system depends entirely on the logic of the injected code, which runs within the security context of the currently logged-in user.

Extended Description

Mozilla Firefox is prone to a remote code-execution vulnerability due to an integer-overflow error in the WOFF decoder. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in denial-of-service conditions. The issue affects Mozilla Firefox 3.6.

Affected Products

Mozilla Firefox

References

BugTraq: 38298

CVE: CVE-2010-1028

Short Name: HTTP:STC:DL:MAL-WOFF

Severity: Major

Recommended: False

Recommended Action: Drop

Category: HTTP

Keywords: CVE-2010-1028 Firefox Font Integer Mozilla Overflow Processing WOFF bid:38298

Release Date: 10/13/2010

Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version: 3336

False Positive: Unknown

Vendors

Mozilla

CVSS Score

9.3
