Update Protection against Mozilla Firefox Plugin Parameter Array Dangling Pointer Vulnerability
| Check Point Reference: | CPAI-2010-258 | |
| Date Published: | ||
| Severity: | ||
| Source: | Mozilla Foundation Security Advisory 2010-48 | |
| Industry Reference(s): | CVE-2010-2755 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Mozilla Foundation FireFox 3.6.7 | ||
| Vulnerability Description A code execution vulnerability has been reported in Mozilla Firefox. Mozilla Firefox is a web browser developed by Mozilla Foundation. A remote attacker may exploit this vulnerability to execute arbitrary code on an affected system. |
||
|
Vulnerability Details The vulnerability is due to an error in Mozilla Firefox while handling plugins parameters contained in a malicious <object> tag. A remote attacker can exploit this vulnerability by enticing a user to visit a specially crafted web page. Successful exploitation of this vulnerability will crash the browser, and may allow execution of arbitrary code on the vulnerable system. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection taband select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.