Signature Detail
Short Name |
HTTP:BROWSER:MOZILLA-DBKEYRANGE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Mozilla Multiple Products IDBKeyRange Use After Free Memory Corruption |
Release Date |
2013/01/04 |
Update Number |
2222 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Mozilla Multiple Products IDBKeyRange Use After Free Memory Corruption
This signature detects attempts to exploit a known vulnerability against Mozilla Firefox, Thunderbird and SeaMonkey. A successful attack can lead to arbitrary code execution.
Extended Description
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a remote code-execution vulnerability due to a use-after-free condition. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
- Mandriva Enterprise Server 5
- Mandriva Enterprise Server 5 X86 64
- Mandriva Linux Mandrake 2010.1
- Mandriva Linux Mandrake 2010.1 X86 64
- Mandriva Linux Mandrake 2011
- Mandriva Linux Mandrake 2011 x86_64
- Moonchild Productions Pale Moon 11.0
- Moonchild Productions Pale Moon 9.0.1
- Moonchild Productions Pale Moon 9.1
- Moonchild Productions Pale Moon 9.2
- Mozilla Firefox 10
- Mozilla Firefox 10.0
- Mozilla Firefox 10.0
- Mozilla Firefox 10.0.1
- Mozilla Firefox 10.0.2
- Mozilla Firefox 11.0
- Mozilla Firefox ESR 10.0.2
- Mozilla Firefox ESR 10.0.3
- Mozilla SeaMonkey 2.0
- Mozilla SeaMonkey 2.0.1
- Mozilla SeaMonkey 2.0.10
- Mozilla SeaMonkey 2.0.11
- Mozilla SeaMonkey 2.0.11
- Mozilla SeaMonkey 2.0.12
- Mozilla SeaMonkey 2.0.13
- Mozilla SeaMonkey 2.0.14
- Mozilla SeaMonkey 2.0.2
- Mozilla SeaMonkey 2.0.3
- Mozilla SeaMonkey 2.0.4
- Mozilla SeaMonkey 2.0.4
- Mozilla SeaMonkey 2.0.5
- Mozilla SeaMonkey 2.0.5
- Mozilla SeaMonkey 2.0.6
- Mozilla SeaMonkey 2.0.7
- Mozilla SeaMonkey 2.0.8
- Mozilla SeaMonkey 2.0.9
- Mozilla SeaMonkey 2.0.9
- Mozilla SeaMonkey 2.0 Alpha 1
- Mozilla SeaMonkey 2.0 Alpha 2
- Mozilla SeaMonkey 2.0 Alpha 3
- Mozilla SeaMonkey 2.0 Beta 1
- Mozilla SeaMonkey 2.0 Beta 2
- Mozilla SeaMonkey 2.0 Rc1
- Mozilla SeaMonkey 2.0 Rc2
- Mozilla SeaMonkey 2.1
- Mozilla SeaMonkey 2.1 Alpha1
- Mozilla SeaMonkey 2.1 Alpha2
- Mozilla SeaMonkey 2.1 Alpha3
- Mozilla SeaMonkey 2.1b2
- Mozilla SeaMonkey 2.2
- Mozilla SeaMonkey 2.2
- Mozilla SeaMonkey 2.3
- Mozilla SeaMonkey 2.4
- Mozilla SeaMonkey 2.5
- Mozilla SeaMonkey 2.6
- Mozilla SeaMonkey 2.7
- Mozilla SeaMonkey 2.7.1
- Mozilla SeaMonkey 2.7.2
- Mozilla SeaMonkey 2.8
- Mozilla Thunderbird 10.0
- Mozilla Thunderbird 10.0
- Mozilla Thunderbird 10.0
- Mozilla Thunderbird 10.0.1
- Mozilla Thunderbird 10.0.2
- Mozilla Thunderbird 11.0
- Mozilla Thunderbird ESR 10.0.2
- Mozilla Thunderbird ESR 10.0.3
- Oracle Enterprise Linux 5
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 6.2
- Red Hat Enterprise Linux 5 Server
- Red Hat Enterprise Linux Desktop 5 Client
- Red Hat Enterprise Linux Desktop 6
- Red Hat Enterprise Linux Desktop Optional 6
- Red Hat Enterprise Linux Desktop Workstation 5 Client
- Red Hat Enterprise Linux HPC Node Optional 6
- Red Hat Enterprise Linux Optional Productivity Application 5 Server
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Server Optional 6
- Red Hat Enterprise Linux Workstation 6
- Red Hat Enterprise Linux Workstation Optional 6
- Red Hat Fedora 16
- SuSE SUSE Linux Enterprise Desktop 10 SP4
- SuSE SUSE Linux Enterprise Desktop 11 SP1
- SuSE SUSE Linux Enterprise Desktop 11 SP2
- SuSE SUSE Linux Enterprise SDK 10 SP4
- SuSE SUSE Linux Enterprise SDK 11 SP1
- SuSE SUSE Linux Enterprise SDK 11 SP2
- SuSE SUSE Linux Enterprise Server 10 SP4
- SuSE SUSE Linux Enterprise Server 11 SP1
- SuSE SUSE Linux Enterprise Server 11 SP2
- SuSE SUSE Linux Enterprise Server for VMware 11 SP1
- Ubuntu Ubuntu Linux 10.04 Amd64
- Ubuntu Ubuntu Linux 10.04 ARM
- Ubuntu Ubuntu Linux 10.04 I386
- Ubuntu Ubuntu Linux 10.04 Powerpc
- Ubuntu Ubuntu Linux 10.04 Sparc
- Ubuntu Ubuntu Linux 11.04 amd64
- Ubuntu Ubuntu Linux 11.04 ARM
- Ubuntu Ubuntu Linux 11.04 i386
- Ubuntu Ubuntu Linux 11.04 powerpc
- Ubuntu Ubuntu Linux 11.10 amd64
- Ubuntu Ubuntu Linux 11.10 i386
- Ubuntu Ubuntu Linux 12.04 LTS amd64
- Ubuntu Ubuntu Linux 12.04 LTS i386
References
- BugTraq: 53220
- CVE: CVE-2012-0469