Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:MOZILLA:MOZ-FLOAT-OF

Severity

 Medium

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Mozilla Firefox Floating Point Number Conversion Memory Corruption

Release Date

 2010/10/14

Update Number

 1792

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla Firefox Floating Point Number Conversion Memory Corruption


A memory corruption vulnerability exists in Mozilla Firefox Browser. The vulnerability is due to a boundary error when processing very long floating point numbers. A remote attacker can exploit this vulnerability by enticing the target user to open a malicious web page. Successful exploitation could result in execution of arbitrary code within the security context of the currently logged on user. An unsuccessful exploit attempt can crash the affected application.

Extended Description

Mozilla Firefox is prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue by tricking a victim into visiting a malicious webpage to execute arbitrary code and to cause denial-of-service conditions. NOTE: This issue was previously covered in BID 36843 (Mozilla Firefox and SeaMonkey MFSA 2009-52 through -64 Multiple Vulnerabilities). NOTE 2: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability), but because of differences in the code base, it is being assigned its own record.

Affected Products

  • Avaya Intuity AUDIX LX 2.0
  • Avaya Intuity AUDIX LX 2.0 SP1
  • Avaya Intuity AUDIX LX 2.0 SP2
  • Avaya Message Networking 3.1
  • Avaya Message Networking MN 3.1
  • Avaya Message Networking
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server 5.0
  • Avaya Voice Portal 4.0
  • Avaya Voice Portal 4.1
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Flock 2.5.2
  • K-Meleon 1.5.3
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2009.1
  • Mandriva Linux Mandrake 2009.1 X86 64
  • Mandriva Linux Mandrake 2010.0
  • Mandriva Linux Mandrake 2010.0 X86 64
  • Mozilla Camino 1.6.9
  • Mozilla Firefox 3.0
  • Mozilla Firefox 3.0.1
  • Mozilla Firefox 3.0.10
  • Mozilla Firefox 3.0.11
  • Mozilla Firefox 3.0.12
  • Mozilla Firefox 3.0.13
  • Mozilla Firefox 3.0.14
  • Mozilla Firefox 3.0.2
  • Mozilla Firefox 3.0.3
  • Mozilla Firefox 3.0.4
  • Mozilla Firefox 3.0.5
  • Mozilla Firefox 3.0.6
  • Mozilla Firefox 3.0.7
  • Mozilla Firefox 3.0.8
  • Mozilla Firefox 3.0.9
  • Mozilla Firefox 3.5.0
  • Mozilla Firefox 3.5.1
  • Mozilla Firefox 3.5.2
  • Mozilla Firefox 3.5.3
  • Mozilla SeaMonkey 1.1.1
  • Mozilla SeaMonkey 1.1.10
  • Mozilla SeaMonkey 1.1.11
  • Mozilla SeaMonkey 1.1.12
  • Mozilla SeaMonkey 1.1.13
  • Mozilla SeaMonkey 1.1.14
  • Mozilla SeaMonkey 1.1.15
  • Mozilla SeaMonkey 1.1.16
  • Mozilla SeaMonkey 1.1.17
  • Mozilla SeaMonkey 1.1.18
  • Mozilla SeaMonkey 1.1.2
  • Mozilla SeaMonkey 1.1.3
  • Mozilla SeaMonkey 1.1.4
  • Mozilla SeaMonkey 1.1.5
  • Mozilla SeaMonkey 1.1.6
  • Mozilla SeaMonkey 1.1.7
  • Mozilla SeaMonkey 1.1.8
  • Mozilla SeaMonkey 1.1.9
  • Mozilla SeaMonkey 1.1 Beta
  • Mozilla Sunbird 0.9
  • Mozilla Thunderbird 2.0.0.12
  • Mozilla Thunderbird 2.0.0.13
  • Mozilla Thunderbird 2.0.0.14
  • Mozilla Thunderbird 2.0.0.15
  • Mozilla Thunderbird 2.0.0.16
  • Mozilla Thunderbird 2.0.0.17
  • Mozilla Thunderbird 2.0.0.18
  • Mozilla Thunderbird 2.0.0 .19
  • Mozilla Thunderbird 2.0.0.21
  • Mozilla Thunderbird 2.0.0.22
  • Mozilla Thunderbird 2.0.0.23
  • Mozilla Thunderbird 2.0.0.4
  • Mozilla Thunderbird 2.0.0.5
  • Mozilla Thunderbird 2.0.0.6
  • Mozilla Thunderbird 2.0.0.8
  • Mozilla Thunderbird 2.0.0.9
  • Mozilla Thunderbird 3.0
  • Pardus Linux 2008
  • Pardus Linux 2009
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux AS 4.8.Z
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux ES 4.8.Z
  • Red Hat Enterprise Linux Optional Productivity Application 5.4.Z Server
  • Red Hat Enterprise Linux Optional Productivity Application 5 Server
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 10
  • Red Hat Fedora 11
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.2
  • Slackware Linux 13.0
  • Slackware Linux 13.0 X86 64
  • Slackware Linux -Current
  • Sun OpenSolaris Build Snv 100
  • Sun OpenSolaris Build Snv 101
  • Sun OpenSolaris Build Snv 101A
  • Sun OpenSolaris Build Snv 102
  • Sun OpenSolaris Build Snv 103
  • Sun OpenSolaris Build Snv 104
  • Sun OpenSolaris Build Snv 105
  • Sun OpenSolaris Build Snv 106
  • Sun OpenSolaris Build Snv 107
  • Sun OpenSolaris Build Snv 108
  • Sun OpenSolaris Build Snv 109
  • Sun OpenSolaris Build Snv 110
  • Sun OpenSolaris Build Snv 111
  • Sun OpenSolaris Build Snv 111A
  • Sun OpenSolaris Build Snv 112
  • Sun OpenSolaris Build Snv 113
  • Sun OpenSolaris Build Snv 114
  • Sun OpenSolaris Build Snv 115
  • Sun OpenSolaris Build Snv 116
  • Sun OpenSolaris Build Snv 117
  • Sun OpenSolaris Build Snv 118
  • Sun OpenSolaris Build Snv 119
  • Sun OpenSolaris Build Snv 120
  • Sun OpenSolaris Build Snv 121
  • Sun OpenSolaris Build Snv 122
  • Sun OpenSolaris Build Snv 123
  • Sun OpenSolaris Build Snv 124
  • Sun OpenSolaris Build Snv 125
  • Sun OpenSolaris Build Snv 126
  • Sun OpenSolaris Build Snv 127
  • Sun OpenSolaris Build Snv 95
  • Sun OpenSolaris Build Snv 96
  • Sun OpenSolaris Build Snv 98
  • Sun OpenSolaris Build Snv 99
  • SuSE Linux 10.0
  • SuSE Linux 11
  • SuSE Linux 9
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • SuSE SUSE Linux Enterprise 10 SP2 DEBUGINFO
  • SuSE SUSE Linux Enterprise 10 SP3 DEBUGINFO
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise Desktop 10 SP2
  • SuSE SUSE Linux Enterprise Desktop 10 SP3
  • SuSE SUSE Linux Enterprise Desktop 11
  • SuSE SUSE Linux Enterprise SDK 10 SP2
  • SuSE SUSE Linux Enterprise SDK 10 SP3
  • SuSE SUSE Linux Enterprise Server 10 SP2
  • SuSE SUSE Linux Enterprise Server 10 SP3
  • SuSE SUSE Linux Enterprise Server 11
  • SuSE SUSE Linux Enterprise Server 11 DEBUGINFO
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 8.10 Amd64
  • Ubuntu Ubuntu Linux 8.10 I386
  • Ubuntu Ubuntu Linux 8.10 Lpia
  • Ubuntu Ubuntu Linux 8.10 Powerpc
  • Ubuntu Ubuntu Linux 8.10 Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc
  • VMWare ESX Server 4.0
  • VMWare vMA 4.0

References

  • BugTraq: 36851
  • CVE: CVE-2009-1563

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out