HTTP: Mozilla Firefox FireBurn
This signature detects attempts to exploit a known vulnerability in Mozilla/FireFox. A successful attack can lead to arbitrary remote code execution within the context of the browser.
Extended Description
The Mozilla Foundation has released 12 security advisories specifying security vulnerabilities in Mozilla Suite, Firefox, and Thunderbird. These vulnerabilities allow attackers to execute arbitrary machine code in the context of the vulnerable application, to bypass security checks, and to execute script code in the context of targeted websites to disclose confidential information; other attacks are also possible. These vulnerabilities have been addressed in Firefox 1.0.5 and in Mozilla Suite 1.7.9. At this time, Mozilla Thunderbird has not been fixed. The issues described here will be split into individual BIDs as further analysis is completed. This BID will then be retired. Reportedly, Netscape is also vulnerable to the issue described in MFSA 2005-47. Due to the nature of Netscape's fork from the Mozilla codebase, Netscape is also likely affected by most if not all of the issues that affect Mozilla Firefox. This has not been confirmed at this time.
Affected Products
Mozilla thunderbird
Short Name
HTTP:STC:MOZILLA:FIREBURN
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-2265 FireBurn Firefox Mozilla bid:14242
Release Date
12/15/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Gnome
Gentoo
K-meleon
Sun
Hp
Mozilla
Debian
Sgi
Galeon
Slackware
Ubuntu
Mandriva
Netscape
CVSS Score
5.0