Intrusion Prevention

Mozilla.Network.Security.Services.Regexp.Buffer.Overflow

Description

This indicates an attack attempt against a buffer overflow vulnerability in Mozilla Network Security Services (NSS), a library used by applications such as Mozilla Firefox, Mozilla Thunderbird and others.
The vulnerability is caused by an error in how the vulnerable software handles a specially crafted X.509 certificate. It allows a remote attacker to execute arbitrary code.

Affected Products

Network Security Services (NSS) 3.12.2 and previous versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to Network Security Services (NSS) version 3.12.3:
http://www.mozilla.org/projects/security/pki/nss/#NSS_3_12_3

CVE References

CVE-2009-2404