Intrusion Prevention



This indicates an attack attempt against a code-execution vulnerability in
Mozilla Firefox.
The vulnerability is caused by an error when the vulnerable software handles malicious use of "window.navigator.plugins" object . It allows a remote attacker to execute arbitrary code via sending a crafted web page.

Affected Products

Mozilla Firefox before 3.0.19
Mozilla Firefox before 3.5.9
Mozilla Firefox before 3.6.2


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.

CVE References