1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Mozilla Firefox TraceMonkey Code Exec

HTTP Mozilla Firefox TraceMonkey Code Exec

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature will detect attempts to exploit a Remote Code Execution Vulnerability in Mozilla Firefox 3.5.

Additional Information

Mozilla Firefox is a web browser available for various platforms.

Firefox is prone to a remote code-execution vulnerability. The problem occurs in the 'Tracemonkey' component. The issue presents itself in the 'LeaveTree' function of the 'jstracer.cpp' file. Specifically, the issue occurs because in certain scenarios the function incorrectly restores values returned by native functions calls when 'deep bail' conditions arise.

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed attempts will likely result in denial-of-service conditions.

The issue affects Firefox 3.5; other versions may also be vulnerable.

NOTE: Remote code execution was confirmed in Firefox 3.5 running on Microsoft Windows XP SP2. A crash was observed in Firefox 3.5 on Windows XP SP3.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube