Intrusion Prevention

Mozilla.Firefox.nsTreeRange.Code.Execution

Description

This indicates an attack attempt against a remote Code Execution vulnerability in Mozilla FireFox.
The issue is caused by an error when the vulnerable software handles user defined functions of a "nsTreeSelection" element. It may allow remote attackers to execute arbitrary code by sending a crafted web page.

Affected Products

Mozilla Firefox version 3.6.16 and prior.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to Mozilla Firefox 3.6.17 or 4.x version.

CVE References

CVE-2011-0073