Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:MOZILLA:NSCSSVALUE-OF

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Mozilla Products nsCSSValue Array Index Integer Overflow

Release Date

 2011/08/04

Update Number

 1967

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla Products nsCSSValue Array Index Integer Overflow


This signature detects attempts to exploit a known vulnerability in Mozilla Products. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Mozilla Firefox, Thunderbird, and SeaMonkey are prone to an integer-overflow vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the user running the affected application. This issue is fixed in: Firefox 3.6.7 Firefox 3.5.11 SeaMonkey 2.0.6 Thunderbird 3.0.6 Thunderbird 3.1.1 NOTE: This issue was previously covered in BID 41824 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-34 Through -47 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it.

Affected Products

  • Avaya Aura Session Manager 1.0
  • Avaya Aura Session Manager 1.1
  • Avaya Aura Session Manager 5.2
  • Avaya Aura Session Manager 5.2 SP1
  • Avaya Aura Session Manager 5.2 SP2
  • Avaya Aura Session Manager 6.0
  • Avaya Aura System Manager 1.0
  • Avaya Aura System Manager 5.2
  • Avaya Aura System Manager 6.0 SP1
  • Avaya Intuity AUDIX LX 1.0
  • Avaya Intuity AUDIX LX 2.0
  • Avaya Intuity AUDIX LX 2.0 SP1
  • Avaya Intuity AUDIX LX 2.0 SP2
  • Avaya Intuity AUDIX LX R1.1
  • Avaya IQ 5
  • Avaya IQ 5.1
  • Avaya Message Networking 3.1
  • Avaya Message Networking 5.2
  • Avaya Message Networking MN 3.1
  • Avaya Message Networking
  • Avaya Messaging Storage Server 1.0
  • Avaya Messaging Storage Server 2.0
  • Avaya Messaging Storage Server 3.1
  • Avaya Messaging Storage Server 3.1 SP1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server 5.0
  • Avaya Messaging Storage Server 5.1
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server MM3.0
  • Avaya Messaging Storage Server
  • Mozilla Firefox 3.5.0
  • Mozilla Firefox 3.5.1
  • Mozilla Firefox 3.5.10
  • Mozilla Firefox 3.5.2
  • Mozilla Firefox 3.5.3
  • Mozilla Firefox 3.5.4
  • Mozilla Firefox 3.5.5
  • Mozilla Firefox 3.5.6
  • Mozilla Firefox 3.5.7
  • Mozilla Firefox 3.5.8
  • Mozilla Firefox 3.5.9
  • Mozilla Firefox 3.6
  • Mozilla Firefox 3.6.2
  • Mozilla Firefox 3.6.2
  • Mozilla Firefox 3.6.3
  • Mozilla Firefox 3.6.4
  • Mozilla SeaMonkey 2.0
  • Mozilla SeaMonkey 2.0.1
  • Mozilla SeaMonkey 2.0.2
  • Mozilla SeaMonkey 2.0.3
  • Mozilla SeaMonkey 2.0.4
  • Mozilla SeaMonkey 2.0.5
  • Mozilla Thunderbird 3.0
  • Mozilla Thunderbird 3.0.1
  • Mozilla Thunderbird 3.0.2
  • Mozilla Thunderbird 3.0.4
  • Mozilla Thunderbird 3.0.5
  • Pardus Linux 2009
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 12
  • Red Hat Fedora 13
  • Slackware Linux 12.2
  • Slackware Linux 13.0
  • Slackware Linux 13.0 X86 64
  • Slackware Linux 13.1
  • Slackware Linux 13.1 X86 64
  • Slackware Linux -Current
  • Slackware Linux X86 64 -Current
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 11 Express
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE openSUSE 11.3
  • SuSE SUSE Linux Enterprise Desktop 10 SP3
  • SuSE SUSE Linux Enterprise Desktop 11
  • SuSE SUSE Linux Enterprise Desktop 11 SP1
  • SuSE SUSE Linux Enterprise SDK 10 SP3
  • SuSE SUSE Linux Enterprise SDK 11
  • SuSE SUSE Linux Enterprise SDK 11 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP3
  • SuSE SUSE Linux Enterprise Server 11
  • SuSE SUSE Linux Enterprise Server 11 SP1
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc

References

  • BugTraq: 41852
  • CVE: CVE-2010-2752

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out