1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Firefox Tor Bundle Exploit

Web Attack: Firefox Tor Bundle Exploit

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempts to exploit a remote code-execution vulnerability in Mozilla Firefox, Thunderbird which could result in remote code execution.

Additional Information

Firefox is a browser. Thunderbird is an email client. Both applications are available for multiple platforms.

The applications are prone to a remote code-execution vulnerability when handling specially crafted webpages using the 'onreadystatechange' event. An attacker can exploit this issue by reloading the malicious webpages which results in execution of an unmapped memory.

An attacker can exploit this issue to execute arbitrary code or crash the application resulting in denial-of-service conditions.

Note: This issue was previously discussed in BID 60762 (Mozilla Firefox/Thunderbird MFSA 2013-49 through -62 Multiple Vulnerabilities), but has been moved to its own record for better documentation.

This issue is fixed in:

Firefox 22.0
Firefox ESR 17.0.7
Thunderbird 17.0.7
Thunderbird ESR 17.0.7


  • Mozilla Firefox before 22.0
  • Firefox ESR 17.x before 17.0.7
  • Thunderbird before 17.0.7
  • Thunderbird ESR 17.x before 17.0.7


Updates are available. Please see the references or vendor advisory for more information.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube