HTTP: Firefox Mesa TexImage2D Memory Corruption
This signature detects attempts to exploit a known vulnerability in the Mozilla Firefox Web Browser. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
The texImage2D implementation in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 does not properly interact with Mesa drivers, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via function calls involving certain values of the level parameter.
Affected Products
Redhat enterprise_linux_server
References
CVE: CVE-2012-5833
Short Name
HTTP:STC:MOZILLA:MESA-TEXIMG2D
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2012-5833 Corruption Firefox Memory Mesa TexImage2D
Release Date
08/19/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3751
False Positive
Unknown
Vendors
Opensuse
Mozilla
Suse
Redhat
Canonical
CVSS Score
9.3