HTTP: Mozilla Firefox Prototype pollution in Top-Level Await Implementation
This signature detects attempts to exploit a known vulnerability against Mozilla Firefox. A successful attack can lead to arbitrary code execution.
Extended Description
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0, and Thunderbird < 91.9.1.
Affected Products
Mozilla firefox
References
CVE: CVE-2022-1802
Short Name
HTTP:STC:MOZILLA:FRFOX-PPOLLUTN
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Await CVE-2022-1802 Firefox Implementation Mozilla Prototype Top-Level in pollution
Release Date
04/03/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3796
False Positive
Unknown
Vendors
Mozilla