BROWSER-FIREFOX -- Snort has detected traffic known to exploit vulnerabilities present in the Firefox browser, or products that have the "Gecko" engine (Thunderbird email client, etc.).
BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt
This event is generated when an attempt to exploit a memory corruption in Mozilla Firefox, version 3.0 through 3.0.14, is detected
Attempted User Privilege Gain
This vulnerability is present in the browser engine in Mozilla Firefox 3.0.1 before 3.0.15. The browser does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2009-3382layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.
||Ease of Access||