HTTP: Javascript Heap Spray Attempt Detection
This signature detects attempts to trigger an exploit that leverages a precise Heap Spraying technique referred to as "js_property_spray". Such exploits are part of an attack that, if successful, could allow an attacker to execute arbitrary code on the targeted system.
Extended Description
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
Affected Products
Mozilla firefox
Short Name
HTTP:STC:SCRIPT:HEAPSPRAY
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Attempt CVE-2009-2477 CVE-2011-3659 Detection Heap Javascript Spray bid:35660 bid:51755
Release Date
08/17/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3660
False Positive
Unknown
Vendors
Mozilla
CVSS Score
9.3