HTTP: Mozilla Firefox XUL Frame Tree Memory Corruption
This signature detects attempts to exploit a known vulnerability against Mozilla Firefox XUL. A successful attack can lead to a arbitrary remote code execution within the context of the affected application.
Extended Description
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey. Exploiting these issues can allow attackers to: - steal authentication credentials - obtain potentially sensitive information - violate the same-origin policy - execute scripts with elevated privileges - cause denial-of-service conditions - execute arbitrary code Other attacks are also possible. These issues are present in the following applications: Firefox 3.0.3 and prior Firefox 2.0.0.17 and prior Thunderbird: 2.0.0.17 and prior SeaMonkey 1.1.12 and prior
Affected Products
Nortel_networks self-service_media_processing_server,Red_hat fedora
Short Name
HTTP:STC:MOZILLA:XUL-FRAMETREE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-0775 CVE-2008-5016 Corruption Firefox Frame Memory Mozilla Tree XUL bid:22964 bid:32281
Release Date
10/19/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Red_hat
Sun
Mozilla
Turbolinux
Avaya
Pardus
Slackware
Ubuntu
Mandriva
Nortel_networks
Debian
CVSS Score
5.0
3.7