HTTP: Mozilla Firefox URLBar Null Byte File Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Mozilla Firefox URLBar. A successful attack can lead to memory corruption and arbitrary code execution.
Extended Description
Mozilla Firefox is prone to a remote code-execution vulnerability because it fails to adequately sanitize user-supplied input. Attackers may exploit this issue by enticing victims into visiting a malicious site and followings links with improper file extensions. Successful exploits may allow an attacker to crash the application or execute arbitrary code in the context of the affected application. Other attacks are also possible.
Affected Products
Mozilla camino
Short Name
HTTP:STC:MOZILLA:URLBAR-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Byte CVE-2007-3285 Code Execution File Firefox Mozilla Null Remote URLBar bid:24447
Release Date
09/14/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Suse
Sun
Mozilla
Slackware
Ubuntu
Mandriva
Debian
CVSS Score
6.8