This application requires Javascript for optimal performance.

Mozilla.Firefox.Webworkers.Code.Execution

Release Date

Jan 05, 2010

Severity

critical

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Description

This indicates an attack attempt against a code-execution vulnerability in Mozilla Firefox.

The vulnerability is caused by an error when the vulnerable software handles malcious Javascript. It allows a remote attacker to execute arbitrary code via sending a crafted web page.

Affected Products

Mozilla Firefox 3.5.x before 3.5.4

Recommended Actions

Upgrade to the latest version Firefox 3.5.4.

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2009-3371

Reference/s

http://www.mozilla.org/security/announce/2009/mfsa2009-54.html

Reference: VID-17889