Intrusion Prevention

Mozilla.Firefox.XUL.Tree.MoveToEdgeShift.Code.Execution

Description

This indicates an attack attempt against a remote code-execution vulnerability in Mozilla Firefox software.
The vulnerability is a result of the application's failure to handle malicious calls to the XUL tree method _moveToEdgeShift(). As a result, a remote attacker can send a crafted HTML file to execute code on a vulnerable system.

Affected Products

Mozilla Firefox older than 3.0.8

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update your software to at least version 3.0.8

CVE References

CVE-2009-1044