Signature Detail

HTTP: Mozilla Firefox Browser Engine CVE-2009-3382 Memory Corruption

This signature detects attempts to exploit a known vulnerability against Mozilla Firefox Browser Engine. Attackers can leverage this vulnerability to execute arbitrary code on the victim.

Extended Description

The Mozilla Foundation has released multiple advisories to address vulnerabilities in Firefox and SeaMonkey. This BID is being retired; the following individual records now document these issues: 36875 Mozilla Firefox CVE-2009-3379 Multiple Remote Memory Corruption Vulnerabilities 36873 Mozilla Firefox CVE-2009-3378 Remote Memory Corruption Vulnerability 36866 Mozilla Firefox CVE-2009-3382 Remote Memory Corruption Vulnerability 36872 Mozilla Firefox CVE-2009-3377 Remote Memory Corruption Vulnerability 36871 Mozilla Firefox CVE-2009-3380 Multiple Remote Memory Corruption Vulnerabilities 36870 Mozilla Firefox CVE-2009-3381 Multiple Remote Memory Corruption Vulnerabilities 36869 Mozilla Firefox CVE-2009-3383 Multiple Remote Memory Corruption Vulnerabilities 36867 Mozilla Firefox and Seamonkey Download Filename Spoofing Vulnerability 36852 Mozilla Firefox Download Manager World Writable File Local Privilege Escalation Vulnerability 36854 Mozilla Firefox JavaScript Web-Workers Remote Code Execution Vulnerability 36858 Mozilla Firefox 'document.getSelect' Cross Domain Information Disclosure Vulnerability 36857 Mozilla Firefox XPCOM Utility Chrome Privilege Escalation Vulnerability 36855 Mozilla Firefox and SeaMonkey 'libpr0n' GIF Parser Heap Based Buffer Overflow Vulnerability 36853 Mozilla Firefox Form History Information Disclosure Vulnerability 36851 Mozilla Firefox Floating Point Conversion Heap Overflow Vulnerability 36856 Mozilla Firefox and SeaMonkey Proxy Auto-Configuration File Remote Code Execution Vulnerability

Affected Products

• Debian Linux 5.0
• Debian Linux 5.0 Alpha
• Debian Linux 5.0 Amd64
• Debian Linux 5.0 Arm
• Debian Linux 5.0 Armel
• Debian Linux 5.0 Hppa
• Debian Linux 5.0 Ia-32
• Debian Linux 5.0 Ia-64
• Debian Linux 5.0 M68k
• Debian Linux 5.0 Mips
• Debian Linux 5.0 Mipsel
• Debian Linux 5.0 Powerpc
• Debian Linux 5.0 S/390
• Debian Linux 5.0 Sparc
• Mozilla Firefox 3.0
• Mozilla Firefox 3.0.1
• Mozilla Firefox 3.0.10
• Mozilla Firefox 3.0.11
• Mozilla Firefox 3.0.12
• Mozilla Firefox 3.0.13
• Mozilla Firefox 3.0.14
• Mozilla Firefox 3.0.2
• Mozilla Firefox 3.0.3
• Mozilla Firefox 3.0.4
• Mozilla Firefox 3.0.5
• Mozilla Firefox 3.0.6
• Mozilla Firefox 3.0.7
• Mozilla Firefox 3.0.8
• Mozilla Firefox 3.0.9
• Mozilla Firefox 3.5.0
• Mozilla Firefox 3.5.1
• Mozilla Firefox 3.5.2
• Mozilla Firefox 3.5.3
• Mozilla SeaMonkey 1.0
• Mozilla SeaMonkey 1.0.1
• Mozilla SeaMonkey 1.0.2
• Mozilla SeaMonkey 1.0.3
• Mozilla SeaMonkey 1.0.5
• Mozilla SeaMonkey 1.0.6
• Mozilla SeaMonkey 1.0.7
• Mozilla SeaMonkey 1.0.8
• Mozilla SeaMonkey 1.0.9
• Mozilla SeaMonkey 1.0.99
• Mozilla SeaMonkey 1.0 Dev
• Mozilla SeaMonkey 1.1.1
• Mozilla SeaMonkey 1.1.10
• Mozilla SeaMonkey 1.1.11
• Mozilla SeaMonkey 1.1.12
• Mozilla SeaMonkey 1.1.13
• Mozilla SeaMonkey 1.1.14
• Mozilla SeaMonkey 1.1.15
• Mozilla SeaMonkey 1.1.16
• Mozilla SeaMonkey 1.1.17
• Mozilla SeaMonkey 1.1.2
• Mozilla SeaMonkey 1.1.3
• Mozilla SeaMonkey 1.1.4
• Mozilla SeaMonkey 1.1.5
• Mozilla SeaMonkey 1.1.6
• Mozilla SeaMonkey 1.1.7
• Mozilla SeaMonkey 1.1.8
• Mozilla SeaMonkey 1.1.9
• Mozilla SeaMonkey 1.1 Beta
• Red Hat Desktop 3.0.0
• Red Hat Enterprise Linux 5 Server
• Red Hat Enterprise Linux Desktop Version 4
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux Desktop 5 Client
• Red Hat Enterprise Linux Desktop Workstation 5 Client
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 3
• Red Hat Enterprise Linux WS 4

References

• BugTraq: 36843
• CVE: CVE-2009-3382