Intrusion PreventionMozilla.Browsers.JavaScript.Navigator.Object.Memory.Corruption
Description
This indicates an attack attempt against a remote code-execution vulnerability in Mozilla browsers.
The vulnerability is caused by an error when the vulnerable software handles invalid JavaScript window.navigator object values. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products
Ubuntu Ubuntu Linux 5.10 sparc
Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Slackware Linux 10.2
Slackware Linux -current
rPath rPath Linux 1
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Netscape Browser 8.1
Mozilla SeaMonkey 1.0.2
Mozilla SeaMonkey 1.0.1
Mozilla SeaMonkey 1.0 dev
Mozilla SeaMonkey 1.0
Mozilla Firefox 1.5 beta 2
Mozilla Firefox 1.5 beta 1
Mozilla Firefox 1.5 .4
Mozilla Firefox 1.5 .3
Mozilla Firefox 1.5
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.2
Mozilla Firefox 1.5.0.1
Mozilla Camino 1.0.2
Mozilla Camino 1.0.1
Mozilla Camino 0.8.4
Mozilla Camino 0.8.3
Mozilla Camino 0.8
Mozilla Camino 0.7 .0
Mozilla Camino 1.0
MandrakeSoft Linux Mandrake 2006.0 x86_64
MandrakeSoft Linux Mandrake 2006.0
K-Meleon K-Meleon 1.0
Gentoo Linux
Flock Flock 0.7.3 2
Impact
Execute arbitrary code
Recommended Actions
Refer to Mozilla Foundation Security Advisory 2006-45 for the upgrade or suggested workaround information:
http://www.mozilla.org/security/announce/2006/mfsa2006-45.html
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 13296 |
| Created | Oct 17, 2006 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2006-3677 |
| Exploit Prediction Score | 97.33% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Mozilla |