Intrusion Prevention

Mozilla.Firefox.SVG.Element.Processing.Memory.Corruption

Description

This indicates an attack attempt against a memory-corruption vulnerability in Mozilla Firefox.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted SVG element. It allows a remote attacker to execute arbitrary code.

Affected Products

Mozilla Firefox 3.5
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.7 Beta
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0 Beta 5
Mozilla Firefox 3.0

Impact

System compromise
Denial of service

Recommended Actions

Upgrade to Mozilla Firefox 3.5.1 or 3.0.12:
http://www.mozilla.com/firefox/

CVE References

CVE-2009-2469