HTTP: Firefox Unicode Sequence handling
This signature detects a sequence of Unicode characters that corrupt the Firefox decoder stack. A successful attack can lead to arbitrary remote code execution within the context of the browser.
Extended Description
Mozilla and Firefox are prone to a stack-corruption vulnerability. Successful exploitation could potentially result in arbitrary code execution.
Affected Products
Mozilla thunderbird
References
BugTraq: 14918
CVE: CVE-2005-2702
URL: http://www.mozilla.org/security/announce/mfsa2005-58.html#zero-width
Short Name
HTTP:STC:MOZILLA:FIREUNICODE
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-2702 Firefox Sequence Unicode bid:14918 handling
Release Date
03/06/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Conectiva
Suse
Gentoo
Mozilla
Turbolinux
Netscape
Sgi
Slackware
Ubuntu
Mandriva
Debian
CVSS Score
7.5