Signature Detail
Short Name |
HTTP:STC:MOZILLA:FIREUNICODE |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Firefox Unicode Sequence handling |
Release Date |
2006/03/06 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Firefox Unicode Sequence handling
This signature detects a sequence of Unicode characters that corrupt the Firefox decoder stack. A successful attack can lead to arbitrary remote code execution within the context of the browser.
Extended Description
Mozilla and Firefox are prone to a stack-corruption vulnerability. Successful exploitation could potentially result in arbitrary code execution.
Affected Products
- Conectiva Linux 10.0.0
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- Gentoo Linux
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Linux Mandrake 10.1.0
- Mandriva Linux Mandrake 10.1.0 X86 64
- Mandriva Linux Mandrake 10.2.0
- Mandriva Linux Mandrake 10.2.0 X86 64
- Mandriva Linux Mandrake 2006.0.0
- Mandriva Linux Mandrake 2006.0.0 X86 64
- Mozilla Browser 1.6.0
- Mozilla Browser 1.7.0
- Mozilla Browser 1.7.0 Alpha
- Mozilla Browser 1.7.0 Beta
- Mozilla Browser 1.7.0 Rc1
- Mozilla Browser 1.7.0 Rc2
- Mozilla Browser 1.7.0 Rc3
- Mozilla Browser 1.7.1
- Mozilla Browser 1.7.11
- Mozilla Browser 1.7.2
- Mozilla Browser 1.7.3
- Mozilla Browser 1.7.4
- Mozilla Browser 1.7.5
- Mozilla Browser 1.7.6
- Mozilla Browser 1.7.7
- Mozilla Browser 1.7.8
- Mozilla Browser 1.7.9
- Mozilla Firefox 1.0.0
- Mozilla Firefox 1.0.1
- Mozilla Firefox 1.0.2
- Mozilla Firefox 1.0.3
- Mozilla Firefox 1.0.4
- Mozilla Firefox 1.0.5
- Mozilla Firefox 1.0.6
- Mozilla Thunderbird 1.0.0
- Mozilla Thunderbird 1.0.1
- Mozilla Thunderbird 1.0.2
- Mozilla Thunderbird 1.0.5
- Mozilla Thunderbird 1.0.6
- Netscape Browser 8.0.3 .3
- Red Hat Fedora Core1
- Red Hat Fedora Core2
- Red Hat Fedora Core3
- Red Hat Fedora Core4
- Red Hat Linux 7.3.0
- Red Hat Linux 7.3.0 I386
- Red Hat Linux 7.3.0 I686
- Red Hat Linux 9.0.0 I386
- SGI ProPack 3.0.0 SP6
- Slackware Linux 10.0.0
- Slackware Linux 10.1.0
- Slackware Linux 10.2.0
- Slackware Linux -Current
- SuSE beagle 10.0.0
- SuSE Linux Desktop 1.0.0
- SuSE Linux Enterprise Server for S/390 9.0.0
- SuSE Linux Personal 10.0.0 OSS
- SuSE Linux Personal 9.0.0
- SuSE Linux Personal 9.0.0 X86 64
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.1.0 X86 64
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 10.0.0
- SuSE Linux Professional 10.0.0 OSS
- SuSE Linux Professional 9.0.0
- SuSE Linux Professional 9.0.0 X86 64
- SuSE Linux Professional 9.1.0
- SuSE Linux Professional 9.1.0 X86 64
- SuSE Linux Professional 9.2.0
- SuSE Linux Professional 9.2.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- SuSE Novell Linux Desktop 9.0.0
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- Turbolinux Home
- Turbolinux Multimedia
- Turbolinux Personal
- Turbolinux 10 F...
- Turbolinux Turbolinux Desktop 10.0.0
- Turbolinux Turbolinux Server 10.0.0
- Ubuntu Ubuntu Linux 4.1.0 Ia32
- Ubuntu Ubuntu Linux 4.1.0 Ia64
- Ubuntu Ubuntu Linux 4.1.0 Ppc
- Ubuntu Ubuntu Linux 5.0.0 4 Amd64
- Ubuntu Ubuntu Linux 5.0.0 4 I386
- Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
References