This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to exploit a vulnerability in Mozilla Firefox which may result in remote code execution.
Mozilla Firefox is prone to a remote code-execution vulnerability.
Successful exploits may allow an attacker to crash the application or execute arbitrary machine code in the context of the affected application.
Mozilla Firefox versions 1.5.0 to 184.108.40.206 are vulnerable to this issue.
This issue was previously discussed in BID 19181 (Mozilla Multiple Products Remote Vulnerabilities).
It has been assigned a separate BID because new information has become available.
- Flock Flock 0.7.3 2
- Gentoo Linux
- HP HP-UX B.11.11, B.11.23, B.11.31
- K-Meleon K-Meleon 1.0
- MandrakeSoft Linux Mandrake 2006.0, 2006.0 x86_64
- Mozilla Camino 0.7.0, 0.8, 0.8.3, 0.8.4, 1.0, 1.0.1, 1.0.2
- Mozilla Firefox 1.5, 1.5 beta 1, 1.5 beta 2
- Mozilla SeaMonkey 1.0, 1.0 dev, 1.0.1, 1.0.2, 1.0.3
- Netscape Browser 8.1
- RedHat Advanced Workstation for the Itanium Processor 2.1, 2.1 IA64
- RedHat Desktop 3.0, 4.0
- RedHat Enterprise Linux AS 2.1, AS 2.1 IA64, AS 3, AS 4, ES 2.1, ES 2.1 IA64, ES 3, ES 4, WS 2.1, WS 2.1 IA64, WS 3, WS 4
- rPath rPath Linux 1
- Slackware Linux -current, 10.2
- Ubuntu Ubuntu Linux 5.10 amd64, 5.10 i386, 5.10 powerpc, 5.10 sparc, 6.6 LTS amd64, 6.6 LTS i386, 6.6 LTS powerpc, 6.6 LTS sparc
New versions of Firefox and SeaMonkey are available to address these issues. Most Mozilla applications have self-updating features that may be used to download and install fixes.
Please see the referenced advisories for information on obtaining and applying fixes.