Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:MOZILLA:FIREBURN

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Mozilla Firefox FireBurn

Release Date

 2005/12/15

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla Firefox FireBurn


This signature detects attempts to exploit a known vulnerability in Mozilla/FireFox. A successful attack can lead to arbitrary remote code execution within the context of the browser.

Extended Description

The Mozilla Foundation has released 12 security advisories specifying security vulnerabilities in Mozilla Suite, Firefox, and Thunderbird. These vulnerabilities allow attackers to execute arbitrary machine code in the context of the vulnerable application, to bypass security checks, and to execute script code in the context of targeted websites to disclose confidential information; other attacks are also possible. These vulnerabilities have been addressed in Firefox 1.0.5 and in Mozilla Suite 1.7.9. At this time, Mozilla Thunderbird has not been fixed. The issues described here will be split into individual BIDs as further analysis is completed. This BID will then be retired. Reportedly, Netscape is also vulnerable to the issue described in MFSA 2005-47. Due to the nature of Netscape's fork from the Mozilla codebase, Netscape is also likely affected by most if not all of the issues that affect Mozilla Firefox. This has not been confirmed at this time.

Affected Products

  • Debian Linux 3.1.0
  • Debian Linux 3.1.0 Alpha
  • Debian Linux 3.1.0 Amd64
  • Debian Linux 3.1.0 Arm
  • Debian Linux 3.1.0 Hppa
  • Debian Linux 3.1.0 Ia-32
  • Debian Linux 3.1.0 Ia-64
  • Debian Linux 3.1.0 M68k
  • Debian Linux 3.1.0 Mips
  • Debian Linux 3.1.0 Mipsel
  • Debian Linux 3.1.0 Ppc
  • Debian Linux 3.1.0 S/390
  • Debian Linux 3.1.0 Sparc
  • Galeon Galeon Browser 1.3.17
  • Gentoo Linux
  • GNOME devhelp 0.10.0
  • GNOME devhelp 0.9.2
  • GNOME Epiphany 1.2.5
  • GNOME Epiphany 1.2.9
  • GNOME Epiphany 1.4.4
  • GNOME Epiphany 1.6.3
  • GNOME yelp 2.10.0
  • HP HP-UX B.11.00
  • HP HP-UX B.11.11
  • HP HP-UX B.11.22
  • HP HP-UX B.11.23
  • HP Secure Web Browser for OpenVMS Alpha 1.7.0 -7
  • HP Secure Web Browser for OpenVMS Alpha 1.7.0 -8
  • HP Secure Web Browser for OpenVMS I64 1.7.0 -7
  • HP Secure Web Browser for OpenVMS I64 1.7.0 -8
  • K-Meleon 0.9.0
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Linux Mandrake 10.1.0
  • Mandriva Linux Mandrake 10.1.0 X86 64
  • Mandriva Linux Mandrake 10.2.0
  • Mandriva Linux Mandrake 10.2.0 X86 64
  • Mozilla Browser 0.8.0
  • Mozilla Browser 0.9.2
  • Mozilla Browser 0.9.2 .1
  • Mozilla Browser 0.9.3
  • Mozilla Browser 0.9.35
  • Mozilla Browser 0.9.4
  • Mozilla Browser 0.9.4 .1
  • Mozilla Browser 0.9.48
  • Mozilla Browser 0.9.5
  • Mozilla Browser 0.9.6
  • Mozilla Browser 0.9.7
  • Mozilla Browser 0.9.8
  • Mozilla Browser 0.9.9
  • Mozilla Browser 1.0.0
  • Mozilla Browser 1.0.0 RC1
  • Mozilla Browser 1.0.0 RC2
  • Mozilla Browser 1.0.1
  • Mozilla Browser 1.0.2
  • Mozilla Browser 1.1.0
  • Mozilla Browser 1.1.0 Alpha
  • Mozilla Browser 1.1.0 Beta
  • Mozilla Browser 1.2.0
  • Mozilla Browser 1.2.0 Alpha
  • Mozilla Browser 1.2.0 Beta
  • Mozilla Browser 1.2.1
  • Mozilla Browser 1.3.0
  • Mozilla Browser 1.3.1
  • Mozilla Browser 1.4.0
  • Mozilla Browser 1.4.0 A
  • Mozilla Browser 1.4.0 B
  • Mozilla Browser 1.4.1
  • Mozilla Browser 1.4.2
  • Mozilla Browser 1.4.4
  • Mozilla Browser 1.5.0
  • Mozilla Browser 1.5.1
  • Mozilla Browser 1.6.0
  • Mozilla Browser 1.7.0
  • Mozilla Browser 1.7.0 Alpha
  • Mozilla Browser 1.7.0 Beta
  • Mozilla Browser 1.7.0 Rc1
  • Mozilla Browser 1.7.0 Rc2
  • Mozilla Browser 1.7.0 Rc3
  • Mozilla Browser 1.7.1
  • Mozilla Browser 1.7.2
  • Mozilla Browser 1.7.3
  • Mozilla Browser 1.7.4
  • Mozilla Browser 1.7.5
  • Mozilla Browser 1.7.6
  • Mozilla Browser 1.7.7
  • Mozilla Browser 1.7.8
  • Mozilla Browser 1.8.0 Alpha 1
  • Mozilla Browser 1.8.0 Alpha 2
  • Mozilla Browser 1.8.0 Alpha 3
  • Mozilla Browser 1.8.0 Alpha 4
  • Mozilla Browser M15
  • Mozilla Browser M16
  • Mozilla Firefox 0.10.0
  • Mozilla Firefox 0.10.1
  • Mozilla Firefox 0.8.0
  • Mozilla Firefox 0.9.0
  • Mozilla Firefox 0.9.0 Rc
  • Mozilla Firefox 0.9.1
  • Mozilla Firefox 0.9.2
  • Mozilla Firefox 0.9.3
  • Mozilla Firefox 1.0.0
  • Mozilla Firefox 1.0.1
  • Mozilla Firefox 1.0.2
  • Mozilla Firefox 1.0.3
  • Mozilla Firefox 1.0.4
  • Mozilla Firefox Preview Release
  • Mozilla Thunderbird 0.6.0
  • Mozilla Thunderbird 0.7.0
  • Mozilla Thunderbird 0.7.1
  • Mozilla Thunderbird 0.7.2
  • Mozilla Thunderbird 0.7.3
  • Mozilla Thunderbird 0.8.0
  • Mozilla Thunderbird 0.9.0
  • Mozilla Thunderbird 1.0.0
  • Mozilla Thunderbird 1.0.1
  • Mozilla Thunderbird 1.0.2
  • Mozilla Thunderbird 1.0.5
  • Netscape 7.2.0
  • Netscape 8.0.0
  • Netscape 8.0.1
  • Netscape 8.0.2
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora Core1
  • Red Hat Fedora Core2
  • Red Hat Fedora Core3
  • Red Hat Fedora Core4
  • Red Hat Linux 9.0.0 I386
  • SGI ProPack 3.0.0 SP6
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 9.0.0
  • Slackware Linux -Current
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 8 Sparc
  • Sun Solaris 8 X86
  • Sun Solaris 9 Sparc
  • Sun Solaris 9 X86
  • Sun Solaris 9 X86 Update 2
  • SuSE Linux Desktop 1.0.0
  • SuSE Linux Personal 10.0.0 OSS
  • SuSE Linux Personal 8.2.0
  • SuSE Linux Personal 9.0.0
  • SuSE Linux Personal 9.0.0 X86 64
  • SuSE Linux Personal 9.1.0
  • SuSE Linux Personal 9.1.0 X86 64
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.2.0 X86 64
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Personal 9.3.0 X86 64
  • SuSE Linux Professional 10.0.0
  • SuSE Linux Professional 10.0.0 OSS
  • SuSE Linux Professional 8.2.0
  • SuSE Linux Professional 9.0.0
  • SuSE Linux Professional 9.0.0 X86 64
  • SuSE Linux Professional 9.1.0
  • SuSE Linux Professional 9.1.0 X86 64
  • SuSE Linux Professional 9.2.0
  • SuSE Linux Professional 9.2.0 X86 64
  • SuSE Linux Professional 9.3.0
  • SuSE Linux Professional 9.3.0 X86 64
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 4.1.0 Ia32
  • Ubuntu Ubuntu Linux 4.1.0 Ia64
  • Ubuntu Ubuntu Linux 4.1.0 Ppc
  • Ubuntu Ubuntu Linux 5.0.0 4 Amd64
  • Ubuntu Ubuntu Linux 5.0.0 4 I386
  • Ubuntu Ubuntu Linux 5.0.0 4 Powerpc

References

  • BugTraq: 14242
  • CVE: CVE-2005-2265
  • URL: http://www.mozilla.org/security/announce/mfsa2005-50.html
  • URL: http://www.networksecurity.fi/advisories/netscape-multiple-issues.html
  • URL: http://www.frsirt.com/english/advisories/2005/1075

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out