Signature Detail
Short Name |
HTTP:STC:MOZILLA:JS-EVAL |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Mozilla Javascript Eval Escalation |
Release Date |
2005/06/15 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Mozilla Javascript Eval Escalation
This signature detects attempts to exploit a known vulnerability in JavaScript. Attackers can use JavaScript exploits to escalate their privileges.
Extended Description
Mozilla Suite and Mozilla Firefox are affected by a code-execution vulnerability. This issue is due to a failure in the application to properly verify Document Object Model (DOM) property values. An attacker may leverage this issue to execute arbitrary code with the privileges of the user that activated the vulnerable browser, ultimately facilitating a compromise of the affected computer. This issue is reportedly a variant of BID 13233. Further details are scheduled to be released in the future; this BID will be updated accordingly.
Affected Products
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- HP HP-UX B.11.00
- HP HP-UX B.11.11
- HP HP-UX B.11.22
- HP HP-UX B.11.23
- HP Secure Web Browser for OpenVMS Alpha 1.7.0 -7
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Linux Mandrake 10.1.0
- Mandriva Linux Mandrake 10.1.0 X86 64
- Mandriva Linux Mandrake 10.2.0
- Mandriva Linux Mandrake 10.2.0 X86 64
- Mozilla Browser 0.8.0
- Mozilla Browser 0.9.2
- Mozilla Browser 0.9.2 .1
- Mozilla Browser 0.9.3
- Mozilla Browser 0.9.35
- Mozilla Browser 0.9.4
- Mozilla Browser 0.9.4 .1
- Mozilla Browser 0.9.48
- Mozilla Browser 0.9.5
- Mozilla Browser 0.9.6
- Mozilla Browser 0.9.7
- Mozilla Browser 0.9.8
- Mozilla Browser 0.9.9
- Mozilla Browser 1.0.0
- Mozilla Browser 1.0.0 RC1
- Mozilla Browser 1.0.0 RC2
- Mozilla Browser 1.0.1
- Mozilla Browser 1.0.2
- Mozilla Browser 1.1.0
- Mozilla Browser 1.1.0 Alpha
- Mozilla Browser 1.1.0 Beta
- Mozilla Browser 1.2.0
- Mozilla Browser 1.2.0 Alpha
- Mozilla Browser 1.2.0 Beta
- Mozilla Browser 1.2.1
- Mozilla Browser 1.3.0
- Mozilla Browser 1.3.1
- Mozilla Browser 1.4.0
- Mozilla Browser 1.4.0 A
- Mozilla Browser 1.4.0 B
- Mozilla Browser 1.4.1
- Mozilla Browser 1.4.2
- Mozilla Browser 1.4.4
- Mozilla Browser 1.5.0
- Mozilla Browser 1.5.1
- Mozilla Browser 1.6.0
- Mozilla Browser 1.7.0
- Mozilla Browser 1.7.0 Alpha
- Mozilla Browser 1.7.0 Beta
- Mozilla Browser 1.7.0 Rc1
- Mozilla Browser 1.7.0 Rc2
- Mozilla Browser 1.7.0 Rc3
- Mozilla Browser 1.7.1
- Mozilla Browser 1.7.2
- Mozilla Browser 1.7.3
- Mozilla Browser 1.7.4
- Mozilla Browser 1.7.5
- Mozilla Browser 1.7.6
- Mozilla Browser M15
- Mozilla Browser M16
- Mozilla Firebird 0.5.0
- Mozilla Firebird 0.6.1
- Mozilla Firebird 0.7.0
- Mozilla Firefox 0.10.0
- Mozilla Firefox 0.10.1
- Mozilla Firefox 0.8.0
- Mozilla Firefox 0.9.0
- Mozilla Firefox 0.9.0 Rc
- Mozilla Firefox 0.9.1
- Mozilla Firefox 0.9.2
- Mozilla Firefox 0.9.3
- Mozilla Firefox 1.0.0
- Mozilla Firefox 1.0.1
- Mozilla Firefox 1.0.2
- Mozilla Firefox Preview Release
- Netscape Navigator 7.0.0
- Netscape Navigator 7.0.2
- Netscape Navigator 7.1.0
- Netscape Navigator 7.2.0
- Netscape 7.0.0
- Netscape 7.1.0
- Netscape 7.2.0
- Netscape 8.0.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Desktop 3.0.0
- Red Hat Desktop 4.0.0
- Red Hat Enterprise Linux Desktop Version 4
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Enterprise Linux WS 4
- Red Hat Fedora Core3
- Red Hat Fedora Core4
- SCO Unixware 7.1.4
- SGI Advanced Linux Environment 3.0.0
- SGI ProPack 3.0.0
- SuSE Linux Desktop 1.0.0
- SuSE Linux Personal 10.0.0 OSS
- SuSE Linux Personal 8.2.0
- SuSE Linux Personal 9.0.0
- SuSE Linux Personal 9.0.0 X86 64
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.1.0 X86 64
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 10.0.0
- SuSE Linux Professional 10.0.0 OSS
- SuSE Linux Professional 9.1.0
- SuSE Linux Professional 9.1.0 X86 64
- SuSE Linux Professional 9.2.0
- SuSE Linux Professional 9.2.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- SuSE Novell Linux Desktop 9.0.0
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- Ubuntu Ubuntu Linux 4.1.0 Ia32
- Ubuntu Ubuntu Linux 4.1.0 Ia64
- Ubuntu Ubuntu Linux 4.1.0 Ppc
- Ubuntu Ubuntu Linux 5.0.0 4 Amd64
- Ubuntu Ubuntu Linux 5.0.0 4 I386
- Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
References