Mozilla.Firefox.iframe.designMode.DoS

description-logoDescription

This indicates an attack attempt against a memory-corruption vulnerability in
Mozilla Firefox.
This issue is caused by an error when the vulnerable software handles malformed JavaScript code when "designMode" is set. It may allow remote attackers to execute arbitrary code by sending a crafted web page.

affected-products-logoAffected Products

Mozilla Firefox 1.5 beta 2
Mozilla Firefox 1.5 beta 1
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.1
Debian: Debian Linux 3.1
Hewlett-Packard Company: Tru64 UNIX Any version

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version of Firefox (1.5.0.3 or later), as listed in Mozilla Foundation Security Advisory 2006-30.
For Debian GNU/Linux (Mozilla):
Refer to Debian Security Advisory DSA-1053-1 for patch, upgrade, or suggested workaround information.
For Debian GNU/Linux (Firefox):
Refer to Debian Security Advisory DSA-1055-1 for patch, upgrade, or suggested workaround information.
For HP Tru64 UNIX:
Refer to Hewlett-Packard Company Security Bulletin HPSBTU02118 SSRT061145 for patch, upgrade, or suggested workaround information.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

1 1