Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:MOZILLA:MAL-REG-EX

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 Mozilla Products Malformed Regular Expressions

Release Date

 2010/09/22

Update Number

 1777

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla Products Malformed Regular Expressions


This signature detects attempts to exploit a known vulnerability in the Mozilla Internet suite. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the client.

Extended Description

The Mozilla Foundation has released six security advisories specifying vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird. These vulnerabilities allow attackers to: - execute arbitrary code - perform cross-site scripting attacks - supply malicious data through updates - inject arbitrary content - execute arbitrary JavaScript - crash affected applications and potentially execute arbitrary code. Other attacks may also be possible. The issues described here will be split into individual BIDs as more information becomes available. These issues are fixed in: - Mozilla Firefox version 1.5.0.7 - Mozilla Thunderbird version 1.5.0.7 - Mozilla SeaMonkey version 1.0.5

Affected Products

  • Avaya CVLAN
  • Avaya Integrated Management
  • Avaya Interactive Response
  • Avaya Messaging Storage Server MM3.0
  • Debian Linux 3.1.0
  • Debian Linux 3.1.0 Alpha
  • Debian Linux 3.1.0 Amd64
  • Debian Linux 3.1.0 Arm
  • Debian Linux 3.1.0 Hppa
  • Debian Linux 3.1.0 Ia-32
  • Debian Linux 3.1.0 Ia-64
  • Debian Linux 3.1.0 M68k
  • Debian Linux 3.1.0 Mips
  • Debian Linux 3.1.0 Mipsel
  • Debian Linux 3.1.0 Ppc
  • Debian Linux 3.1.0 S/390
  • Debian Linux 3.1.0 Sparc
  • Galeon Galeon Browser 1.3.21
  • Gentoo Linux
  • GNOME Epiphany 1.6.5
  • HP HP-UX B.11.11
  • HP HP-UX B.11.23
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2006.0.0
  • Mandriva Linux Mandrake 2006.0.0 X86 64
  • Mozilla Camino 0.7.0 .0
  • Mozilla Camino 0.8.0
  • Mozilla Camino 0.8.3
  • Mozilla Camino 0.8.4
  • Mozilla Camino 1.0
  • Mozilla Camino 1.0.1
  • Mozilla Camino 1.0.2
  • Mozilla Firefox 0.10.0
  • Mozilla Firefox 0.10.1
  • Mozilla Firefox 0.8.0
  • Mozilla Firefox 0.9.0
  • Mozilla Firefox 0.9.0 Rc
  • Mozilla Firefox 0.9.1
  • Mozilla Firefox 0.9.2
  • Mozilla Firefox 0.9.3
  • Mozilla Firefox 1.0.0
  • Mozilla Firefox 1.0.1
  • Mozilla Firefox 1.0.2
  • Mozilla Firefox 1.0.3
  • Mozilla Firefox 1.0.4
  • Mozilla Firefox 1.0.5
  • Mozilla Firefox 1.0.6
  • Mozilla Firefox 1.0.7
  • Mozilla Firefox 1.0.8
  • Mozilla Firefox 1.5.0
  • Mozilla Firefox 1.5.0.1
  • Mozilla Firefox 1.5.0.2
  • Mozilla Firefox 1.5.0.3
  • Mozilla Firefox 1.5.0.4
  • Mozilla Firefox 1.5.0.5
  • Mozilla Firefox 1.5.0.6
  • Mozilla Firefox 1.5.0 Beta 1
  • Mozilla Firefox 1.5.0 Beta 2
  • Mozilla Firefox 2.0 Beta 1
  • Mozilla Firefox Preview Release
  • Mozilla SeaMonkey 1.0
  • Mozilla SeaMonkey 1.0.1
  • Mozilla SeaMonkey 1.0.2
  • Mozilla SeaMonkey 1.0.3
  • Mozilla SeaMonkey 1.0 Dev
  • Mozilla Thunderbird 0.6.0
  • Mozilla Thunderbird 0.7.0
  • Mozilla Thunderbird 0.7.1
  • Mozilla Thunderbird 0.7.2
  • Mozilla Thunderbird 0.7.3
  • Mozilla Thunderbird 0.8.0
  • Mozilla Thunderbird 0.9.0
  • Mozilla Thunderbird 1.0.0
  • Mozilla Thunderbird 1.0.1
  • Mozilla Thunderbird 1.0.2
  • Mozilla Thunderbird 1.0.5
  • Mozilla Thunderbird 1.0.6
  • Mozilla Thunderbird 1.0.7
  • Mozilla Thunderbird 1.0.8
  • Mozilla Thunderbird 1.5.0
  • Mozilla Thunderbird 1.5.0.1
  • Mozilla Thunderbird 1.5.0.2
  • Mozilla Thunderbird 1.5.0.4
  • Mozilla Thunderbird 1.5.0.5
  • Mozilla Thunderbird 1.5.0 Beta 2
  • Netscape Browser 8.0
  • Netscape Browser 8.0.1
  • Netscape Browser 8.0.3 .3
  • Netscape Browser 8.0.4
  • Netscape Browser 8.1
  • Netscape Browser 8.1.2
  • Novell Linux Desktop 9
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • rPath rPath Linux 1
  • SGI Advanced Linux Environment 3.0.0
  • Slackware Linux 10.2.0
  • Slackware Linux -Current
  • SuSE Linux Personal 10.0.0 OSS
  • SuSE Linux Personal 10.1
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Professional 10.0.0
  • SuSE Linux Professional 10.1
  • SuSE Linux Professional 9.2.0
  • SuSE Linux Professional 9.3.0
  • SuSE SUSE Linux Enterprise Desktop 10
  • SuSE SUSE Linux Enterprise Server 10
  • Ubuntu Ubuntu Linux 5.0.0 4 Amd64
  • Ubuntu Ubuntu Linux 5.0.0 4 I386
  • Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
  • Ubuntu Ubuntu Linux 5.10.0 Amd64
  • Ubuntu Ubuntu Linux 5.10.0 I386
  • Ubuntu Ubuntu Linux 5.10.0 Powerpc
  • Ubuntu Ubuntu Linux 5.10.0 Sparc
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc

References

  • BugTraq: 20042
  • CVE: CVE-2006-4566

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out