This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:MOZILLA:STR-REPLACE
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Mozilla JavaScript String Replace Buffer Overflow
|
Release Date |
2010/10/19
|
Update Number |
1794
|
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Mozilla JavaScript String Replace Buffer Overflow
This signature detects attempts to exploit a known heap buffer overflow vulnerability in Mozilla Firefox and SeaMonkey products. It is due to improper processing of a crafted substring when performing the replace operation in JavaScript. Remote attacker can exploit this by enticing target users to visit a malicious Web page. A successful attack can lead to arbitrary code execution with the privileges of the logged in user. In an unsuccessful attack, the Web browser terminates abnormally.
Extended Description
The Mozilla Foundation has released multiple advisories to address vulnerabilities in Firefox.
An attacker can exploit these issues to obtain potentially sensitive information, execute arbitrary code, elevate privileges, and cause denial-of-service conditions.
Affected Products
- Avaya intuity_audix_lx 1.0
- Avaya intuity_audix_lx 2.0
- Avaya intuity_audix_lx 2.0 SP1
- Avaya intuity_audix_lx 2.0 SP2
- Avaya intuity_audix_lx R1.1
- Avaya message_networking 3.1
- Avaya message_networking MN 3.1
- Avaya message_networking
- Avaya messaging_storage_server 1.0
- Avaya messaging_storage_server 2.0
- Avaya messaging_storage_server 3.1
- Avaya messaging_storage_server 4.0
- Avaya messaging_storage_server 5.0
- Avaya messaging_storage_server MM3.0
- Avaya messaging_storage_server
- Debian linux 4.0
- Debian linux 4.0 Alpha
- Debian linux 4.0 Amd64
- Debian linux 4.0 Arm
- Debian linux 4.0 Armel
- Debian linux 4.0 Hppa
- Debian linux 4.0 Ia-32
- Debian linux 4.0 Ia-64
- Debian linux 4.0 M68k
- Debian linux 4.0 Mips
- Debian linux 4.0 Mipsel
- Debian linux 4.0 Powerpc
- Debian linux 4.0 S/390
- Debian linux 4.0 Sparc
- Debian linux 5.0
- Debian linux 5.0 Alpha
- Debian linux 5.0 Amd64
- Debian linux 5.0 Arm
- Debian linux 5.0 Armel
- Debian linux 5.0 Hppa
- Debian linux 5.0 Ia-32
- Debian linux 5.0 Ia-64
- Debian linux 5.0 M68k
- Debian linux 5.0 Mips
- Debian linux 5.0 Mipsel
- Debian linux 5.0 Powerpc
- Debian linux 5.0 S/390
- Debian linux 5.0 Sparc
- Mandriva enterprise_server 5
- Mandriva enterprise_server 5 X86 64
- Mandriva linux_mandrake 2009.0
- Mandriva linux_mandrake 2009.0 X86 64
- Mandriva linux_mandrake 2009.1
- Mandriva linux_mandrake 2009.1 X86 64
- Mozilla firefox 3.0
- Mozilla firefox 3.0.1
- Mozilla firefox 3.0.10
- Mozilla firefox 3.0.11
- Mozilla firefox 3.0.12
- Mozilla firefox 3.0.13
- Mozilla firefox 3.0.2
- Mozilla firefox 3.0.3
- Mozilla firefox 3.0.4
- Mozilla firefox 3.0.5
- Mozilla firefox 3.0.6
- Mozilla firefox 3.0.7
- Mozilla firefox 3.0.7 Beta
- Mozilla firefox 3.0.8
- Mozilla firefox 3.0.9
- Mozilla firefox 3.0 Beta 5
- Mozilla firefox 3.1 Beta 1
- Mozilla firefox 3.1 Beta 2
- Mozilla firefox 3.1 Beta 3
- Mozilla firefox 3.5.0
- Mozilla firefox 3.5.1
- Mozilla firefox 3.5.2
- Mozilla seamonkey 1.1.1
- Mozilla seamonkey 1.1.10
- Mozilla seamonkey 1.1.11
- Mozilla seamonkey 1.1.12
- Mozilla seamonkey 1.1.13
- Mozilla seamonkey 1.1.14
- Mozilla seamonkey 1.1.15
- Mozilla seamonkey 1.1.16
- Mozilla seamonkey 1.1.17
- Mozilla seamonkey 1.1.18
- Mozilla seamonkey 1.1.2
- Mozilla seamonkey 1.1.3
- Mozilla seamonkey 1.1.4
- Mozilla seamonkey 1.1.5
- Mozilla seamonkey 1.1.6
- Mozilla seamonkey 1.1.7
- Mozilla seamonkey 1.1.8
- Mozilla seamonkey 1.1.9
- Mozilla seamonkey 1.1 Beta
- Mozilla thunderbird 2.0.0.12
- Mozilla thunderbird 2.0.0.13
- Mozilla thunderbird 2.0.0.14
- Mozilla thunderbird 2.0.0.15
- Mozilla thunderbird 2.0.0.16
- Mozilla thunderbird 2.0.0.17
- Mozilla thunderbird 2.0.0.18
- Mozilla thunderbird 2.0.0 .19
- Mozilla thunderbird 2.0.0.21
- Mozilla thunderbird 2.0.0.22
- Mozilla thunderbird 2.0.0.23
- Mozilla thunderbird 2.0.0.4
- Mozilla thunderbird 2.0.0.5
- Mozilla thunderbird 2.0.0.6
- Mozilla thunderbird 2.0.0.8
- Mozilla thunderbird 2.0.0.9
- Pardus linux_2008
- Pardus linux_2009
- Red_hat desktop 3.0.0
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux 5 Server
- Red_hat enterprise_linux Desktop Version 4
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_as 4.8.Z
- Red_hat enterprise_linux_desktop 5 Client
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_es 4.8.Z
- Red_hat enterprise_linux_optional_productivity_application 5.4.Z Server
- Red_hat enterprise_linux_optional_productivity_application 5 Server
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Red_hat fedora 10
- Red_hat fedora 11
- Slackware linux 12.2
- Slackware linux 13.0
- Slackware linux 13.0 X86 64
- Slackware linux -Current
- Slackware linux X86 64 -Current
- Sun opensolaris Build Snv 100
- Sun opensolaris Build Snv 101
- Sun opensolaris Build Snv 101A
- Sun opensolaris Build Snv 102
- Sun opensolaris Build Snv 103
- Sun opensolaris Build Snv 104
- Sun opensolaris Build Snv 105
- Sun opensolaris Build Snv 106
- Sun opensolaris Build Snv 107
- Sun opensolaris Build Snv 108
- Sun opensolaris Build Snv 109
- Sun opensolaris Build Snv 110
- Sun opensolaris Build Snv 111
- Sun opensolaris Build Snv 111A
- Sun opensolaris Build Snv 112
- Sun opensolaris Build Snv 113
- Sun opensolaris Build Snv 114
- Sun opensolaris Build Snv 115
- Sun opensolaris Build Snv 116
- Sun opensolaris Build Snv 117
- Sun opensolaris Build Snv 118
- Sun opensolaris Build Snv 119
- Sun opensolaris Build Snv 120
- Sun opensolaris Build Snv 121
- Sun opensolaris Build Snv 122
- Sun opensolaris Build Snv 123
- Sun opensolaris Build Snv 124
- Sun opensolaris Build Snv 95
- Sun opensolaris Build Snv 96
- Sun opensolaris Build Snv 98
- Sun opensolaris Build Snv 99
- Suse opensuse 10.3
- Suse opensuse 11.0
- Suse opensuse 11.1
- Suse suse_linux_enterprise 10 SP2 DEBUGINFO
- Suse suse_linux_enterprise 10 SP3 DEBUGINFO
- Suse suse_linux_enterprise 11
- Suse suse_linux_enterprise_desktop 10 SP2
- Suse suse_linux_enterprise_desktop 10 SP3
- Suse suse_linux_enterprise_desktop 11
- Suse suse_linux_enterprise_sdk 10 SP2
- Suse suse_linux_enterprise_sdk 10 SP3
- Suse suse_linux_enterprise_server 10 SP2
- Suse suse_linux_enterprise_server 10 SP3
- Suse suse_linux_enterprise_server 11
- Suse suse_linux_enterprise_server 11 DEBUGINFO
- Turbolinux client 2008
- Ubuntu ubuntu_linux 8.04 LTS Amd64
- Ubuntu ubuntu_linux 8.04 LTS I386
- Ubuntu ubuntu_linux 8.04 LTS Lpia
- Ubuntu ubuntu_linux 8.04 LTS Powerpc
- Ubuntu ubuntu_linux 8.04 LTS Sparc
- Ubuntu ubuntu_linux 8.10 Amd64
- Ubuntu ubuntu_linux 8.10 I386
- Ubuntu ubuntu_linux 8.10 Lpia
- Ubuntu ubuntu_linux 8.10 Powerpc
- Ubuntu ubuntu_linux 8.10 Sparc
- Ubuntu ubuntu_linux 9.04 Amd64
- Ubuntu ubuntu_linux 9.04 I386
- Ubuntu ubuntu_linux 9.04 Lpia
- Ubuntu ubuntu_linux 9.04 Powerpc
- Ubuntu ubuntu_linux 9.04 Sparc
- Ubuntu ubuntu_linux 9.10 Amd64
- Ubuntu ubuntu_linux 9.10 I386
- Ubuntu ubuntu_linux 9.10 Lpia
- Ubuntu ubuntu_linux 9.10 Powerpc
- Ubuntu ubuntu_linux 9.10 Sparc
References