Intrusion PreventionMozilla.Firefox.Domain.Handling.Buffer.Overflow
Description
This indicates an attack attempt against a buffer-overflow vulnerability in Mozilla Firefox and Thunderbird.
The vulnerability is caused by an error when the vulnerable software handles a crafted hostname. It allows a remote attacker to execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD).
Affected Products
Gain Access, remote code execution.
Impact
Mozilla Firefox version 1.0.6 and prior
Mozilla Firefox version 1.5 Beta 1 and prior
Mozilla Suite version 1.7.11 and prior
Mozilla Thunderbird version 1.0.6 and prior
Netscape version 8.0.3.3 and prior
Recommended Actions
Upgrade to Mozilla Firefox 1.0.7 or Mozilla Suite 1.7.12 :
http://www.mozilla.org/products/
Upgrade to Mozilla Thunderbird 1.0.7 :
http://www.mozilla.org/products/thunderbird/
Disable IDN support automatically by installing this temporary fix :
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.6/patches/307259.xpi
Upgrade to Netscape version 8.0.4 :
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-03-13 | 14.572 | Sig Added |
| ID | 13405 |
| Created | Oct 19, 2006 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2005-2871 |
| Exploit Prediction Score | 96.42% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, Other |
| Affected App | Mozilla |