HTTP: Mozilla Firefox CVE-2014-1513 Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Mozilla Firefox. A successful attack can lead to arbitrary code execution.
Extended Description
TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site.
Affected Products
Redhat enterprise_linux_server_eus
References
CVE: CVE-2014-1513
Short Name
HTTP:STC:MOZILLA:CVE-2014-1513
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2014-1513 Code Execution Firefox Mozilla Remote
Release Date
05/18/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Suse
Redhat
Mozilla
Opensuse
Debian
Canonical
CVSS Score
9.3