Intrusion Prevention

Mozilla.Firefox.COW.Arbitrary.JavaScript.Code.Execution

Description

This indicates an attack attempt against a Privilege Elevation vulnerability in Mozilla Firefox.
The vulnerability is due to an error when the vulnerable software handles a referencing of Object.prototype.__proto__ in a crafted HTML document. An attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary script code within the context of the application.

Affected Products

Mozilla Firefox prior to 18.0
Mozilla Firefox ESR 10.x prior to 10.0.12 and 17.x prior to 17.0.2
Mozilla Thunderbird prior to 17.0.2
Mozilla Thunderbird ESR 10.x prior to 10.0.12 and 17.x prior to 17.0.2
Mozilla SeaMonkey prior to 2.15

Impact

Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.mozilla.org

CVE References

CVE-2013-0757