Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:MOZILLA:FRAME-COMMENT

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Mozilla Frame Comment Objects

Release Date

 2010/09/22

Update Number

 1777

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla Frame Comment Objects


This signature detects attempts to exploit a known vulnerability in Mozilla family browser. An attacker can create a malicious Web site with Web pages containing dangerous frame comments, which if accessed by a victim, allows the attacker gain control of the victim's client browser.

Extended Description

The Mozilla Foundation has released nine security advisories specifying vulnerabilities in Firefox, SeaMonkey, and Thunderbird. These vulnerabilities allow attackers to: - execute arbitrary code - perform cross-site scripting attacks - inject arbitrary content - gain escalated privileges - crash affected applications and potentially execute arbitrary code. Other attacks may also be possible.

Affected Products

  • Avaya CVLAN
  • Avaya Integrated Management 2.1.0
  • Avaya Integrated Management
  • Avaya Interactive Response 2.0
  • Avaya Messaging Storage Server 1.0
  • Avaya Messaging Storage Server 2.0
  • Avaya Messaging Storage Server MM3.0
  • Avaya Messaging Storage Server
  • Debian Linux 3.1.0
  • Debian Linux 3.1.0 Alpha
  • Debian Linux 3.1.0 Amd64
  • Debian Linux 3.1.0 Arm
  • Debian Linux 3.1.0 Hppa
  • Debian Linux 3.1.0 Ia-32
  • Debian Linux 3.1.0 Ia-64
  • Debian Linux 3.1.0 M68k
  • Debian Linux 3.1.0 Mips
  • Debian Linux 3.1.0 Mipsel
  • Debian Linux 3.1.0 Ppc
  • Debian Linux 3.1.0 S/390
  • Debian Linux 3.1.0 Sparc
  • Gentoo Linux
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Linux Mandrake 2007.0
  • Mandriva Linux Mandrake 2007.0 X86 64
  • Mozilla Camino 0.7.0 .0
  • Mozilla Camino 0.8.0
  • Mozilla Camino 0.8.3
  • Mozilla Camino 0.8.4
  • Mozilla Camino 1.0
  • Mozilla Camino 1.0.1
  • Mozilla Camino 1.0.2
  • Mozilla Camino 1.0.3
  • Mozilla Camino 1.5
  • Mozilla Firefox 0.10.0
  • Mozilla Firefox 0.10.1
  • Mozilla Firefox 0.8.0
  • Mozilla Firefox 0.9.0
  • Mozilla Firefox 0.9.0 Rc
  • Mozilla Firefox 0.9.1
  • Mozilla Firefox 0.9.2
  • Mozilla Firefox 0.9.3
  • Mozilla Firefox 1.0.0
  • Mozilla Firefox 1.0.1
  • Mozilla Firefox 1.0.2
  • Mozilla Firefox 1.0.3
  • Mozilla Firefox 1.0.4
  • Mozilla Firefox 1.0.5
  • Mozilla Firefox 1.0.6
  • Mozilla Firefox 1.0.7
  • Mozilla Firefox 1.0.8
  • Mozilla Firefox 1.5.0
  • Mozilla Firefox 1.5.0.1
  • Mozilla Firefox 1.5.0.2
  • Mozilla Firefox 1.5.0.3
  • Mozilla Firefox 1.5.0.4
  • Mozilla Firefox 1.5.0.5
  • Mozilla Firefox 1.5.0.6
  • Mozilla Firefox 1.5.0.7
  • Mozilla Firefox 1.5.0.8
  • Mozilla Firefox 1.5.0.9
  • Mozilla Firefox 1.5.0 Beta 1
  • Mozilla Firefox 1.5.0 Beta 2
  • Mozilla Firefox 2.0
  • Mozilla Firefox 2.0 Beta 1
  • Mozilla Firefox 2.0 RC2
  • Mozilla Firefox 2.0 RC3
  • Mozilla SeaMonkey 1.0
  • Mozilla SeaMonkey 1.0.1
  • Mozilla SeaMonkey 1.0.2
  • Mozilla SeaMonkey 1.0.3
  • Mozilla SeaMonkey 1.0.5
  • Mozilla SeaMonkey 1.0.6
  • Mozilla SeaMonkey 1.0 Dev
  • Mozilla SeaMonkey 1.1 Beta
  • Mozilla Thunderbird 0.6.0
  • Mozilla Thunderbird 0.7.0
  • Mozilla Thunderbird 0.7.1
  • Mozilla Thunderbird 0.7.2
  • Mozilla Thunderbird 0.7.3
  • Mozilla Thunderbird 0.8.0
  • Mozilla Thunderbird 0.9.0
  • Mozilla Thunderbird 1.0.0
  • Mozilla Thunderbird 1.0.1
  • Mozilla Thunderbird 1.0.2
  • Mozilla Thunderbird 1.0.5
  • Mozilla Thunderbird 1.0.6
  • Mozilla Thunderbird 1.0.7
  • Mozilla Thunderbird 1.0.8
  • Mozilla Thunderbird 1.5.0
  • Mozilla Thunderbird 1.5.0.1
  • Mozilla Thunderbird 1.5.0.2
  • Mozilla Thunderbird 1.5.0.4
  • Mozilla Thunderbird 1.5.0.5
  • Mozilla Thunderbird 1.5.0.7
  • Mozilla Thunderbird 1.5.0.8
  • Mozilla Thunderbird 1.5.0 Beta 2
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora Core5
  • Red Hat Fedora Core6
  • rPath rPath Linux 1
  • SGI Advanced Linux Environment 3.0.0
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 8 Sparc
  • Sun Solaris 8 X86
  • Sun Solaris 9 Sparc
  • Sun Solaris 9 X86
  • SuSE Linux Personal 10.0.0 OSS
  • SuSE Linux Personal 10.1
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Personal 9.3.0 X86 64
  • SuSE Linux Professional 10.0.0
  • SuSE Linux Professional 10.0.0 OSS
  • SuSE Linux Professional 10.1
  • SuSE Linux Professional 9.3.0
  • SuSE Linux Professional 9.3.0 X86 64
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Novell Linux POS 9
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.2
  • SuSE SUSE Linux Enterprise Desktop 10
  • SuSE SUSE Linux Enterprise Server 10
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SuSE Linux Openexchange Server 4.0.0
  • SuSE SUSE LINUX Retail Solution 8.0.0
  • SuSE SuSE Linux School Server for i386
  • SuSE SuSE Linux Standard Server 8.0.0
  • SuSE UnitedLinux 1.0.0
  • Turbolinux Home
  • Turbolinux Multimedia
  • Turbolinux Personal
  • Turbolinux 10 F...
  • Turbolinux FUJI
  • Turbolinux Turbolinux Desktop 10.0.0
  • Turbolinux Turbolinux Server 10.0.0
  • Turbolinux Turbolinux Server 10.0.0 X64
  • Turbolinux Turbolinux Server 10.0.0 X86
  • Ubuntu Ubuntu Linux 5.10.0 Amd64
  • Ubuntu Ubuntu Linux 5.10.0 I386
  • Ubuntu Ubuntu Linux 5.10.0 Powerpc
  • Ubuntu Ubuntu Linux 5.10.0 Sparc
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 6.10 Amd64
  • Ubuntu Ubuntu Linux 6.10 I386
  • Ubuntu Ubuntu Linux 6.10 Powerpc
  • Ubuntu Ubuntu Linux 6.10 Sparc

References

  • BugTraq: 21668
  • CVE: CVE-2006-6504

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out