HTTP: Mozilla SVG-XML Integer Overflows
This signature detects attempts to exploit a known vulnerability in Mozzilla. An attacker can create a malicious Web site that contains Web pages with dangerous XML or SVG code, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
Extended Description
Multiple Mozilla products are prone to multiple vulnerabilities. These issues include various memory-corruption, code-injection, and access-restriction-bypass vulnerabilities. Other undisclosed issues may have also been addressed in the various updated vendor applications. Successful exploitation of these issues may permit an attacker to execute arbitrary code in the context of the affected application. This may facilitate a compromise of the affected computer; other attacks are also possible.
Affected Products
Mozilla thunderbird
Short Name
HTTP:STC:MOZILLA:SVG-XML-INT-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2006-0297 Integer Mozilla Overflows SVG-XML bid:16476
Release Date
09/22/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Sun
Hp
Mozilla
Sgi
Ubuntu
Mandriva
Debian
CVSS Score
5.1