Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:MOZILLA:SVG-RCE

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Mozilla SVG getCharNumAtPosition Remote Code Execution

Release Date

 2011/10/10

Update Number

 2007

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Mozilla SVG getCharNumAtPosition Remote Code Execution


This signature detects attempts to exploit a known vulnerability against Mozilla Firefox. A successful attack can lead to arbitrary code execution.

Extended Description

Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a remote code-execution vulnerability. The issue occurs when parsing specially malformed files and can be exploited to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. NOTE: This issue was previously discussed in BID 49166 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-29 through -30 Multiple Vulnerabilities) but has been given its own record to better document it.

Affected Products

  • Avaya Aura Presence Services 6.0
  • Avaya Aura Presence Services 6.1
  • Avaya Aura Presence Services 6.1.1
  • Avaya Aura Session Manager 1.1
  • Avaya Aura Session Manager 5.2
  • Avaya Aura Session Manager 5.2 SP1
  • Avaya Aura Session Manager 5.2 SP2
  • Avaya Aura Session Manager 6.0
  • Avaya Aura Session Manager 6.0 SP1
  • Avaya Aura Session Manager 6.1
  • Avaya Aura Session Manager 6.1.1
  • Avaya Aura Session Manager 6.1.2
  • Avaya Aura Session Manager 6.1.3
  • Avaya Aura Session Manager 6.1 Sp1
  • Avaya Aura Session Manager 6.1 SP2
  • Avaya Aura System Manager 5.2
  • Avaya Aura System Manager 6.0
  • Avaya Aura System Manager 6.0 SP1
  • Avaya Aura System Manager 6.1
  • Avaya Aura System Manager 6.1.1
  • Avaya Aura System Manager 6.1.2
  • Avaya Aura System Manager 6.1.3
  • Avaya Aura System Manager 6.1 Sp1
  • Avaya Aura System Manager 6.1 SP2
  • Avaya Communication Server 1000E 6.0
  • Avaya Communication Server 1000E 7.0
  • Avaya Communication Server 1000E 7.5
  • Avaya Communication Server 1000E Signaling Server 6.0
  • Avaya Communication Server 1000E Signaling Server 7.0
  • Avaya Communication Server 1000E Signaling Server 7.5
  • Avaya Communication Server 1000M 6.0
  • Avaya Communication Server 1000M 7.0
  • Avaya Communication Server 1000M 7.5
  • Avaya Communication Server 1000M Signaling Server 6.0
  • Avaya Communication Server 1000M Signaling Server 7.0
  • Avaya Communication Server 1000M Signaling Server 7.5
  • Avaya IQ 4.0
  • Avaya IQ 4.1.0
  • Avaya IQ 4.2
  • Avaya IQ 5
  • Avaya IQ 5.1
  • Avaya IQ 5.1.1
  • Avaya IQ 5.2
  • Avaya Message Networking 3.1
  • Avaya Message Networking 5.2
  • Avaya Message Networking 5.2.1
  • Avaya Message Networking 5.2.2
  • Avaya Message Networking 5.2 SP1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server 5.0
  • Avaya Messaging Storage Server 5.1
  • Avaya Messaging Storage Server 5.1 SP1
  • Avaya Messaging Storage Server 5.1 SP2
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server 5.2.2
  • Avaya Messaging Storage Server 5.2.8
  • Avaya Messaging Storage Server 5.2 SP1
  • Avaya Messaging Storage Server 5.2 SP2
  • Avaya Messaging Storage Server 5.2 SP3
  • Debian Linux 6.0 amd64
  • Debian Linux 6.0 amd64
  • Debian Linux 6.0 arm
  • Debian Linux 6.0 ia-32
  • Debian Linux 6.0 ia-64
  • Debian Linux 6.0 mips
  • Debian Linux 6.0 powerpc
  • Debian Linux 6.0 s/390
  • Debian Linux 6.0 sparc
  • Mozilla Firefox 3.5.0
  • Mozilla Firefox 3.5.1
  • Mozilla Firefox 3.5.10
  • Mozilla Firefox 3.5.10
  • Mozilla Firefox 3.5.11
  • Mozilla Firefox 3.5.12
  • Mozilla Firefox 3.5.13
  • Mozilla Firefox 3.5.14
  • Mozilla Firefox 3.5.14
  • Mozilla Firefox 3.5.15
  • Mozilla Firefox 3.5.16
  • Mozilla Firefox 3.5.17
  • Mozilla Firefox 3.5.18
  • Mozilla Firefox 3.5.19
  • Mozilla Firefox 3.5.2
  • Mozilla Firefox 3.5.3
  • Mozilla Firefox 3.5.4
  • Mozilla Firefox 3.5.5
  • Mozilla Firefox 3.5.6
  • Mozilla Firefox 3.5.7
  • Mozilla Firefox 3.5.8
  • Mozilla Firefox 3.5.9
  • Mozilla Firefox 3.5.9
  • Mozilla Firefox 3.6
  • Mozilla Firefox 3.6.10
  • Mozilla Firefox 3.6.11
  • Mozilla Firefox 3.6.12
  • Mozilla Firefox 3.6.13
  • Mozilla Firefox 3.6.13
  • Mozilla Firefox 3.6.14
  • Mozilla Firefox 3.6.15
  • Mozilla Firefox 3.6.16
  • Mozilla Firefox 3.6.17
  • Mozilla Firefox 3.6.18
  • Mozilla Firefox 3.6.19
  • Mozilla Firefox 3.6.2
  • Mozilla Firefox 3.6.2
  • Mozilla Firefox 3.6.3
  • Mozilla Firefox 3.6.4
  • Mozilla Firefox 3.6.5
  • Mozilla Firefox 3.6.6
  • Mozilla Firefox 3.6.6
  • Mozilla Firefox 3.6.7
  • Mozilla Firefox 3.6.8
  • Mozilla Firefox 3.6.9
  • Mozilla Firefox 3.6 Beta 2
  • Mozilla Firefox 3.6 Beta 3
  • Mozilla Firefox 4.0
  • Mozilla Firefox 4.0.1
  • Mozilla Firefox 4.0 Beta1
  • Mozilla Firefox 4.0 Beta1
  • Mozilla Firefox 4.0 Beta2
  • Mozilla Firefox 5.0
  • Mozilla SeaMonkey 2.0.1
  • Mozilla SeaMonkey 2.0.10
  • Mozilla SeaMonkey 2.0.11
  • Mozilla SeaMonkey 2.0.11
  • Mozilla SeaMonkey 2.0.12
  • Mozilla SeaMonkey 2.0.13
  • Mozilla SeaMonkey 2.0.14
  • Mozilla SeaMonkey 2.0.2
  • Mozilla SeaMonkey 2.0.3
  • Mozilla SeaMonkey 2.0.4
  • Mozilla SeaMonkey 2.0.4
  • Mozilla SeaMonkey 2.0.5
  • Mozilla SeaMonkey 2.0.5
  • Mozilla SeaMonkey 2.0.6
  • Mozilla SeaMonkey 2.0.7
  • Mozilla SeaMonkey 2.0.8
  • Mozilla SeaMonkey 2.0.9
  • Mozilla SeaMonkey 2.0 Alpha 1
  • Mozilla SeaMonkey 2.0 Alpha 2
  • Mozilla SeaMonkey 2.0 Alpha 3
  • Mozilla SeaMonkey 2.0 Beta 1
  • Mozilla SeaMonkey 2.0 Beta 2
  • Mozilla SeaMonkey 2.0 Rc1
  • Mozilla SeaMonkey 2.0 Rc2
  • Mozilla SeaMonkey 2.1b2
  • Mozilla Thunderbird 2.0
  • Mozilla Thunderbird 2.0.0.0
  • Mozilla Thunderbird 2.0.0.1
  • Mozilla Thunderbird 2.0.0.12
  • Mozilla Thunderbird 2.0.0.13
  • Mozilla Thunderbird 2.0.0.14
  • Mozilla Thunderbird 2.0.0.15
  • Mozilla Thunderbird 2.0.0.16
  • Mozilla Thunderbird 2.0.0.17
  • Mozilla Thunderbird 2.0.0.18
  • Mozilla Thunderbird 2.0.0 .19
  • Mozilla Thunderbird 2.0.0.2
  • Mozilla Thunderbird 2.0.0.21
  • Mozilla Thunderbird 2.0.0.22
  • Mozilla Thunderbird 2.0.0.23
  • Mozilla Thunderbird 2.0.0.24
  • Mozilla Thunderbird 2.0.0.3
  • Mozilla Thunderbird 2.0.0.4
  • Mozilla Thunderbird 2.0.0.5
  • Mozilla Thunderbird 2.0.0.6
  • Mozilla Thunderbird 2.0.0.7
  • Mozilla Thunderbird 2.0.0.8
  • Mozilla Thunderbird 2.0.0.9
  • Mozilla Thunderbird 2.0.14
  • Mozilla Thunderbird 3.0
  • Mozilla Thunderbird 3.0.1
  • Mozilla Thunderbird 3.0.10
  • Mozilla Thunderbird 3.0.11
  • Mozilla Thunderbird 3.0.11
  • Mozilla Thunderbird 3.0.2
  • Mozilla Thunderbird 3.0.3
  • Mozilla Thunderbird 3.0.4
  • Mozilla Thunderbird 3.0.4
  • Mozilla Thunderbird 3.0.5
  • Mozilla Thunderbird 3.0.5
  • Mozilla Thunderbird 3.0.6
  • Mozilla Thunderbird 3.0.7
  • Mozilla Thunderbird 3.0.8
  • Mozilla Thunderbird 3.0.9
  • Mozilla Thunderbird 3.0.9
  • Mozilla Thunderbird 3.1
  • Mozilla Thunderbird 3.1.1
  • Mozilla Thunderbird 3.1.10
  • Mozilla Thunderbird 3.1.11
  • Mozilla Thunderbird 3.1.2
  • Mozilla Thunderbird 3.1.2
  • Mozilla Thunderbird 3.1.3
  • Mozilla Thunderbird 3.1.4
  • Mozilla Thunderbird 3.1.5
  • Mozilla Thunderbird 3.1.5
  • Mozilla Thunderbird 3.1.6
  • Mozilla Thunderbird 3.1.7
  • Mozilla Thunderbird 3.1.7
  • Mozilla Thunderbird 3.1.8
  • Mozilla Thunderbird 3.1.9
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop 6
  • Red Hat Enterprise Linux Desktop Optional 6
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux HPC Node Optional 6
  • Red Hat Enterprise Linux Server 6
  • Red Hat Enterprise Linux Server Optional 6
  • Red Hat Enterprise Linux Workstation 6
  • Red Hat Enterprise Linux Workstation Optional 6
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 14
  • Red Hat Fedora 15
  • Red Hat Fedora 16
  • SuSE openSUSE 11.3
  • SuSE openSUSE 11.4
  • SuSE SUSE Linux Enterprise Desktop 10 SP4
  • SuSE SUSE Linux Enterprise Desktop 11 SP1
  • SuSE SUSE Linux Enterprise SDK 10 SP3
  • SuSE SUSE Linux Enterprise SDK 10 SP4
  • SuSE SUSE Linux Enterprise SDK 11 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP3
  • SuSE SUSE Linux Enterprise Server 10 SP4
  • SuSE SUSE Linux Enterprise Server 11 SP1
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 ARM
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 10.10 amd64
  • Ubuntu Ubuntu Linux 10.10 ARM
  • Ubuntu Ubuntu Linux 10.10 i386
  • Ubuntu Ubuntu Linux 10.10 powerpc
  • Ubuntu Ubuntu Linux 11.04 amd64
  • Ubuntu Ubuntu Linux 11.04 ARM
  • Ubuntu Ubuntu Linux 11.04 i386
  • Ubuntu Ubuntu Linux 11.04 powerpc

References

  • BugTraq: 49213
  • CVE: CVE-2011-0084
  • URL: http://www.mozilla.org/security/announce/2011/mfsa2011-29.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out