Signature Detail

HTTP: Mozilla Firefox XPCOM Memory Corruption

This signature detects attempts to exploit a known vulnerability against Mozilla Firefox. A successful attack can lead to memory corruption and arbitrary code execution.

Extended Description

Various Mozilla Foundation products are prone to a memory-corruption vulnerability. This issue occurs because the applications fail to handle simultaneous XPCOM events that would cause the deletion of the timer object. An attacker can exploit this issue to execute arbitrary code. This issue was previously discussed in BID 19181 (Mozilla Multiple Products Remote Vulnerabilities). It has been assigned a separate BID because new information has become available.

Affected Products

• Gentoo Linux
• HP HP-UX B.11.11
• HP HP-UX B.11.23
• HP HP-UX B.11.31
• Mandriva Linux Mandrake 2006.0.0
• Mandriva Linux Mandrake 2006.0.0 X86 64
• Mozilla Enigmail 0.94
• Mozilla Firefox 0.10.0
• Mozilla Firefox 0.10.1
• Mozilla Firefox 0.8.0
• Mozilla Firefox 0.9.0
• Mozilla Firefox 0.9.0 Rc
• Mozilla Firefox 0.9.1
• Mozilla Firefox 0.9.2
• Mozilla Firefox 0.9.3
• Mozilla Firefox 1.0.0
• Mozilla Firefox 1.0.1
• Mozilla Firefox 1.0.2
• Mozilla Firefox 1.0.3
• Mozilla Firefox 1.0.4
• Mozilla Firefox 1.0.5
• Mozilla Firefox 1.0.6
• Mozilla Firefox 1.0.7
• Mozilla Firefox 1.0.8
• Mozilla Firefox 1.5.0
• Mozilla Firefox 1.5.0.1
• Mozilla Firefox 1.5.0.2
• Mozilla Firefox 1.5.0.3
• Mozilla Firefox 1.5.0.4
• Mozilla Firefox 1.5.0 Beta 1
• Mozilla Firefox 1.5.0 Beta 2
• Mozilla Firefox Preview Release
• Mozilla SeaMonkey 1.0
• Mozilla SeaMonkey 1.0.1
• Mozilla SeaMonkey 1.0.2
• Mozilla SeaMonkey 1.0 Dev
• Mozilla Thunderbird 0.6.0
• Mozilla Thunderbird 0.7.0
• Mozilla Thunderbird 0.7.1
• Mozilla Thunderbird 0.7.2
• Mozilla Thunderbird 0.7.3
• Mozilla Thunderbird 0.8.0
• Mozilla Thunderbird 0.9.0
• Mozilla Thunderbird 1.0.0
• Mozilla Thunderbird 1.0.1
• Mozilla Thunderbird 1.0.2
• Mozilla Thunderbird 1.0.5
• Mozilla Thunderbird 1.0.6
• Mozilla Thunderbird 1.0.7
• Mozilla Thunderbird 1.0.8
• Mozilla Thunderbird 1.5.0
• Mozilla Thunderbird 1.5.0.1
• Mozilla Thunderbird 1.5.0.2
• Mozilla Thunderbird 1.5.0.4
• Mozilla Thunderbird 1.5.0 Beta 2
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
• Red Hat Desktop 3.0.0
• Red Hat Desktop 4.0.0
• Red Hat Enterprise Linux AS 2.1
• Red Hat Enterprise Linux AS 2.1 IA64
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux AS 4
• Red Hat Enterprise Linux ES 2.1
• Red Hat Enterprise Linux ES 2.1 IA64
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux ES 4
• Red Hat Enterprise Linux WS 2.1
• Red Hat Enterprise Linux WS 2.1 IA64
• Red Hat Enterprise Linux WS 3
• Red Hat Enterprise Linux WS 4
• rPath rPath Linux 1
• Slackware Linux 10.2.0
• Slackware Linux -Current
• SuSE Linux Personal 9.2.0
• SuSE Linux Personal 9.2.0 X86 64
• SuSE Linux Personal 9.3.0
• SuSE Linux Personal 9.3.0 X86 64
• SuSE Linux Professional 10.0.0
• SuSE Linux Professional 10.0.0 OSS
• SuSE Linux Professional 10.1
• SuSE Linux Professional 9.2.0
• SuSE Linux Professional 9.2.0 X86 64
• SuSE Linux Professional 9.3.0
• SuSE Linux Professional 9.3.0 X86 64
• SuSE Novell Linux Desktop 9.0.0
• SuSE SUSE Linux Enterprise SDK 10
• SuSE SUSE Linux Enterprise Server 10
• Ubuntu Ubuntu Linux 5.0.0 4 Amd64
• Ubuntu Ubuntu Linux 5.0.0 4 I386
• Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
• Ubuntu Ubuntu Linux 5.10.0 Amd64
• Ubuntu Ubuntu Linux 5.10.0 I386
• Ubuntu Ubuntu Linux 5.10.0 Powerpc
• Ubuntu Ubuntu Linux 5.10.0 Sparc
• Ubuntu Ubuntu Linux 6.06 LTS Amd64
• Ubuntu Ubuntu Linux 6.06 LTS I386
• Ubuntu Ubuntu Linux 6.06 LTS Powerpc
• Ubuntu Ubuntu Linux 6.06 LTS Sparc

References

• BugTraq: 19197
• CVE: CVE-2006-3113