1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Mozilla Regex Heap Corruption

HTTP Mozilla Regex Heap Corruption

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit heap overflow vulnerability by checking for malformed regular expression patterns.

Additional Information

The Mozilla Foundation has released six security advisories regarding security vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird. The specific vulnerabilities are as follows:

MFSA2006-57 - Firefox, Thunderbird, and SeaMonkey are prone to multiple buffer overflow vulnerabilities:

- A JavaScript regular expression containing a minimal quantifier may result in a heap-based buffer overflow. This may potentially be exploited to execute arbitrary code.

- A regular expression ending with a backslash inside an unterminated character set '[\' will lead to a buffer overflow. An attacker may be able to exploit this issue to execute arbitrary code in the context of the affected application.

MFSA2006-58 - Firefox and Thunderbird are prone to a man-in-the-middle attack that could result in affected applications using an attacker-controlled site to retrieve updates. The problem occurs when users accept unverifiable self-signed certificates on 'low value' sites. If an attacker is in a position to spoof the victim's DNS, the attacker can further exploit this issue to cause the auto-update mechanism to retrieve further updates from attacker-controlled sites.

MFSA2006-61 - Firefox and SeaMonkey are prone to a vulnerability that could inject content into a sub-frame of another site. The problem occurs in 'targetWindow.frames[n].document.open()' and can be exploited to inject arbitrary content to aid in phishing attacks; other attacks are also possible.

MFSA2006-62 - Firefox is prone to a cross-site scripting vulnerability. This issue occurs because blocked popups opened from the status bar 'blocked popups' icon are opened in the context of the site listed in the 'address bar', regardless of the original location. An attacker can exploit this issue to execute arbitrary HTML or script code in the victim's browser in the context of the affected site. This may let the attacker steal cookie-based authentication credentials or launch other attacks. A successful exploit of this issue would require the victim user to visit a malicious page where a popup is blocked, then visit a trusted site and then accept the blocked popup.

MFSA2006-63 - Thunderbird and SeaMonkey are prone to a vulnerability that could permit the execution of JavaScript code even if JavaScript is disabled in mail. An attacker can exploit this issue by putting the malicious script code in a remote XBL file that is loaded by a message that is either viewed, replied to, or forwarded by a vulnerable application.

MFSA2006-64 - Firefox, Thunderbird, and SeaMonkey are prone to multiple memory-corruption vulnerabilities. While most of these issues result in denial-of-service conditions, some may be exploitable to execute arbitrary code.

The issues described here will be split into individual BIDs as more information becomes available.

These issues are fixed in:

- Mozilla Firefox version 1.5.0.7n- Mozilla Thunderbird version 1.5.0.7n- Mozilla SeaMonkey version 1.0.5

Affected

  • Avaya CVLAN
  • Avaya Integrated Management
  • Avaya Interactive Response
  • Avaya Messaging Storage Server MM3.0
  • Debian Linux 3.1, 3.1 alpha, 3.1 amd64, 3.1 arm, 3.1 hppa, 3.1 ia-32, 3.1 ia-64, 3.1 m68k, 3.1 mips, 3.1 mipsel, 3.1 ppc, 3.1 s/390, 3.1 sparc
  • Galeon Galeon Browser 1.3.21
  • Gentoo Linux
  • GNOME Epiphany 1.6.5
  • HP HP-UX B.11.11, B.11.23
  • MandrakeSoft Corporate Server 3.0, 3.0 x86_64, 4.0, 4.0 x86_64
  • MandrakeSoft Linux Mandrake 2006.0, 2006.0 x86_64
  • Mozilla Camino 0.7.0, 0.8, 0.8.3, 0.8.4, 1.0, 1.0.1, 1.0.2
  • Mozilla Firefox Preview Release, 0.8, 0.9, 0.9 rc, 0.9.1, 0.9.2, 0.9.3, 0.10, 0.10.1, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.5, 1.5.6, 1.5 beta 1, 1.5 beta 2, 2.0 beta 1
  • Mozilla SeaMonkey 1.0, 1.0 dev, 1.0.1, 1.0.2, 1.0.3
  • Mozilla Thunderbird 0.6, 0.7, 0.7.1, 0.7.2, 0.7.3, 0.8, 0.9, 1.0, 1.0.1, 1.0.2, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.5, 1.5 beta 2
  • Novell Linux Desktop 9
  • RedHat Advanced Workstation for the Itanium Processor 2.1, 2.1 IA64
  • RedHat Desktop 3.0, 4.0
  • RedHat Enterprise Linux AS 2.1, AS 2.1 IA64, AS 3, AS 4, ES 2.1, ES 2.1 IA64, ES 3, ES 4, WS 2.1, WS 2.1 IA64, WS 3, WS 4
  • rPath rPath Linux 1
  • S.u.S.E. Linux Personal 10.1, 9.2, 9.3, 10.0 OSS
  • S.u.S.E. Linux Professional 9.2, 9.3, 10.0, 10.1
  • S.u.S.E. SUSE Linux Enterprise Desktop 10
  • S.u.S.E. SUSE Linux Enterprise Server 10
  • SGI Advanced Linux Environment 3.0
  • Slackware Linux -current, 10.2
  • Ubuntu Ubuntu Linux 5.0 4 amd64, 5.0 4 i386, 5.0 4 powerpc, 5.10 amd64, 5.10 i386, 5.10 powerpc, 5.10 sparc, 6.6 LTS amd64, 6.6 LTS i386, 6.6 LTS powerpc, 6.6 LTS sparc

Response

New versions of Firefox, SeaMonkey, and Thunderbird are available to address these issues. Most Mozilla applications have self-updating features that may be used to download and install fixes.

Please see the referenced advisories for information on obtaining and applying fixes.

Mozilla Firefox 1.5.0.2:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 2.0 beta 1:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox Preview Release:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.8:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.9:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.9 rc:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.9.1:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.9.2:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.9.3:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.10 :
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 0.10.1:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.1:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.2:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.3:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.4:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.5:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.5:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.6:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.7:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.0.8:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 beta 1:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 beta 2:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 .1:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 .2:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 .3:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 .4:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 .6:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla Firefox 1.5 5:
Mozilla Upgrade Mozilla Firefox version 1.5.0.7
Slackware Upgrade mozilla-firefox-1.5.0.7-i686-1.tgz


Mozilla SeaMonkey 1.0:
Mozilla Upgrade seamonkey-1.0.5.source.tar.bz2
Slackware Upgrade seamonkey-1.0.5-i486-1.tgz


Mozilla SeaMonkey 1.0 dev:
Mozilla Upgrade seamonkey-1.0.5.source.tar.bz2
Slackware Upgrade seamonkey-1.0.5-i486-1.tgz


Mozilla SeaMonkey 1.0.1:
Mozilla Upgrade seamonkey-1.0.5.source.tar.bz2
Slackware Upgrade seamonkey-1.0.5-i486-1.tgz


Mozilla SeaMonkey 1.0.2:
Mozilla Upgrade seamonkey-1.0.5.source.tar.bz2
Slackware Upgrade seamonkey-1.0.5-i486-1.tgz


Mozilla SeaMonkey 1.0.3:
Mozilla Upgrade seamonkey-1.0.5.source.tar.bz2
Slackware Upgrade seamonkey-1.0.5-i486-1.tgz


Mozilla Thunderbird 0.6:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 0.7:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 0.7.1 :
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 0.7.2:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 0.7.3:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 0.8:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 0.9:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.0:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.0.1:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.0.2:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.0.5:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.0.6:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.0.7:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.0.8:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.5:
Ubuntu Upgrade mozilla-thunderbird-typeaheadfind_1.5.0.7-0ubuntu0.5.10_amd64.deb
Ubuntu Upgrade mozilla-thunderbird_1.5.0.7-0ubuntu0.5.10_amd64.deb
Ubuntu Upgrade mozilla-thunderbird-enigmail_0.94-0ubuntu0.5.10_amd64.deb
Ubuntu Upgrade mozilla-thunderbird-dev_1.5.0.7-0ubuntu0.5.10_i386.deb
Ubuntu Upgrade mozilla-thunderbird-inspector_1.5.0.7-0ubuntu0.5.10_i386.deb
Ubuntu Upgrade mozilla-thunderbird-typeaheadfind_1.5.0.7-0ubuntu0.5.10_i386.deb
Ubuntu Upgrade mozilla-thunderbird-enigmail_0.94-0ubuntu0.5.10_i386.deb
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz
Ubuntu Upgrade mozilla-thunderbird-locale-ca_1.5-ubuntu5.10_all.deb
Ubuntu Upgrade mozilla-thunderbird-locale-de_1.5-ubuntu5.10_all.deb
Ubuntu Upgrade mozilla-thunderbird-locale-fr_1.5-ubuntu5.10_all.deb
Ubuntu Upgrade mozilla-thunderbird-locale-it_1.5-ubuntu5.10_all.deb
Ubuntu Upgrade thunderbird-locale-nl_1.5-ubuntu5.10_all.deb
Ubuntu Upgrade mozilla-thunderbird-locale-pl_1.5-ubuntu5.10_all.deb
Ubuntu Upgrade mozilla-thunderbird-locale-uk_1.5-ubuntu5.10_all.deb
Ubuntu Upgrade mozilla-thunderbird-dev_1.5.0.7-0ubuntu0.5.10_amd64.deb


Mozilla Thunderbird 1.5 Beta 2:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.5 .1:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.5 .2:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.5 .4:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz


Mozilla Thunderbird 1.5 5:
Mozilla Upgrade Mozilla Thunderbird version 1.5.0.7
Slackware Upgrade mozilla-thunderbird-1.5.0.7-i686-1.tgz

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube