Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:FF-NAV-URI

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Firefox and Navigator URI Command Injection

Release Date

 2007/10/30

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Firefox and Navigator URI Command Injection


This signature detects attempts to exploit a known vulnerability against Firefox, Navigator, and Internet Explorer. Attackers can inject code on the target system resulting in full control of the victim's computer.

Extended Description

Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and 'navigatorurl' protocol handlers. Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through the 'firefox.exe' and 'navigator.exe' processes by employing the 'firefoxurl' and 'navigatorurl' handlers. An attacker can also employ these issues to carry out cross-browser scripting attacks by using the '-chrome' argument. This can allow the attacker to run JavaScript code with the privileges of trusted Chrome context and gain full access to Firefox and Netscape Navigator's resources. Exploiting these issues would permit remote attackers to influence command options that can be called through the 'firefoxurl' and 'navigatorurl' handlers and therefore execute commands and script code with the privileges of a user running the applications. Successful attacks may result in a variety of consequences, including remote unauthorized access.

Affected Products

  • Google Chrome 0.2.149.27
  • Google Chrome 0.2.149.29
  • Google Chrome 0.2.149.30
  • Google Chrome 1.0.154.36
  • Google Chrome 1.0.154.46
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • HP HP-UX B.11.31
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2007.0
  • Mandriva Linux Mandrake 2007.0 X86 64
  • Mandriva Linux Mandrake 2007.1
  • Mandriva Linux Mandrake 2007.1 X86 64
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0 SP1
  • Microsoft Internet Explorer 7.0
  • Microsoft Internet Explorer 7.0 Beta1
  • Microsoft Internet Explorer 7.0 Beta2
  • Microsoft Internet Explorer 7.0 Beta3
  • Mozilla Camino 0.7.0 .0
  • Mozilla Camino 0.8.0
  • Mozilla Camino 0.8.3
  • Mozilla Camino 0.8.4
  • Mozilla Camino 1.0
  • Mozilla Camino 1.0.1
  • Mozilla Camino 1.0.2
  • Mozilla Camino 1.0.3
  • Mozilla Camino 1.5
  • Mozilla Firefox 2.0
  • Mozilla Firefox 2.0.0.1
  • Mozilla Firefox 2.0.0.2
  • Mozilla Firefox 2.0.0.3
  • Mozilla Firefox 2.0.0.4
  • Mozilla Firefox 2.0 Beta 1
  • Mozilla Firefox 2.0 RC2
  • Mozilla Firefox 2.0 RC3
  • Mozilla SeaMonkey 1.1.1
  • Mozilla SeaMonkey 1.1.2
  • Mozilla SeaMonkey 1.1.3
  • Mozilla SeaMonkey 1.1 Beta
  • Mozilla Thunderbird 1.5.0
  • Mozilla Thunderbird 1.5.0.1
  • Mozilla Thunderbird 1.5.0.10
  • Mozilla Thunderbird 1.5.0.12
  • Mozilla Thunderbird 1.5.0.13
  • Mozilla Thunderbird 1.5.0.2
  • Mozilla Thunderbird 1.5.0.4
  • Mozilla Thunderbird 1.5.0.5
  • Mozilla Thunderbird 1.5.0.7
  • Mozilla Thunderbird 1.5.0.8
  • Mozilla Thunderbird 1.5.0.9
  • Mozilla Thunderbird 1.5.0 Beta 2
  • Mozilla Thunderbird 2.0.0.4
  • Netscape Navigator 9.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • SuSE Linux 10.0 Ppc
  • SuSE Linux 10.0 X86
  • SuSE Linux 10.0 X86-64
  • SuSE Linux 10.1 Ppc
  • SuSE Linux 10.1 X86
  • SuSE Linux 10.1 X86-64
  • SuSE Linux Desktop 10
  • SuSE Linux Personal 10.0.0 OSS
  • SuSE Linux Personal 10.1
  • SuSE Linux Professional 10.0.0
  • SuSE Linux Professional 10.0.0 OSS
  • SuSE Linux Professional 10.1
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.2
  • SuSE SUSE Linux Enterprise Desktop 10
  • SuSE SUSE Linux Enterprise Desktop 10 SP1
  • SuSE SUSE Linux Enterprise Server 10
  • SuSE SUSE Linux Enterprise Server 10 SP1
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SuSE Linux Openexchange Server 4.0.0
  • SuSE SUSE LINUX Retail Solution 8.0.0
  • SuSE SuSE Linux School Server for i386
  • SuSE SuSE Linux Standard Server 8.0.0
  • SuSE UnitedLinux 1.0.0
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 6.10 Amd64
  • Ubuntu Ubuntu Linux 6.10 I386
  • Ubuntu Ubuntu Linux 6.10 Powerpc
  • Ubuntu Ubuntu Linux 6.10 Sparc
  • Ubuntu Ubuntu Linux 7.04 Amd64
  • Ubuntu Ubuntu Linux 7.04 I386
  • Ubuntu Ubuntu Linux 7.04 Powerpc
  • Ubuntu Ubuntu Linux 7.04 Sparc

References

  • BugTraq: 24837
  • CVE: CVE-2007-3670
  • URL: http://securitytracker.com/alerts/2007/Jul/1018351.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out