Think you have a false positive on this rule?

Sid 1-46913

Message

BROWSER-FIREFOX Mozilla multiple products JavaScript string replace buffer overflow attempt

Summary

This event is generated when an attempt is made to replace a string with itself.

Impact

Attempted User Privilege Gain

CVE-2009-3075:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Detailed information

CVE-2009-3075: Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.

Affected systems

  • mozilla firefox 0.1
  • mozilla firefox 0.2
  • mozilla firefox 0.3
  • mozilla firefox 0.4
  • mozilla firefox 0.5
  • mozilla firefox 0.6
  • mozilla firefox 0.6.1
  • mozilla firefox 0.7
  • mozilla firefox 0.7.1
  • mozilla firefox 0.8
  • mozilla firefox 0.9
  • mozilla firefox 0.9.1
  • mozilla firefox 0.9.2
  • mozilla firefox 0.9.3
  • mozilla firefox 0.9_rc
  • mozilla firefox 0.10
  • mozilla firefox 0.10.1
  • mozilla firefox 1.0
  • mozilla firefox 1.0.1
  • mozilla firefox 1.0.2
  • mozilla firefox 1.0.3
  • mozilla firefox 1.0.4
  • mozilla firefox 1.0.5
  • mozilla firefox 1.0.6
  • mozilla firefox 1.0.7
  • mozilla firefox 1.0.8
  • mozilla firefox 1.4.1
  • mozilla firefox 1.5
  • mozilla firefox 1.5.0.1
  • mozilla firefox 1.5.0.2
  • mozilla firefox 1.5.0.3
  • mozilla firefox 1.5.0.4
  • mozilla firefox 1.5.0.5
  • mozilla firefox 1.5.0.6
  • mozilla firefox 1.5.0.7
  • mozilla firefox 1.5.0.8
  • mozilla firefox 1.5.0.9
  • mozilla firefox 1.5.0.10
  • mozilla firefox 1.5.0.11
  • mozilla firefox 1.5.0.12
  • mozilla firefox 1.5.1
  • mozilla firefox 1.5.2
  • mozilla firefox 1.5.3
  • mozilla firefox 1.5.4
  • mozilla firefox 1.5.5
  • mozilla firefox 1.5.6
  • mozilla firefox 1.5.7
  • mozilla firefox 1.5.8
  • mozilla firefox 1.8
  • mozilla firefox 2.0
  • mozilla firefox 2.0.0.1
  • mozilla firefox 2.0.0.2
  • mozilla firefox 2.0.0.3
  • mozilla firefox 2.0.0.4
  • mozilla firefox 2.0.0.5
  • mozilla firefox 2.0.0.6
  • mozilla firefox 2.0.0.7
  • mozilla firefox 2.0.0.8
  • mozilla firefox 2.0.0.9
  • mozilla firefox 2.0.0.10
  • mozilla firefox 2.0.0.11
  • mozilla firefox 2.0.0.12
  • mozilla firefox 2.0.0.13
  • mozilla firefox 2.0.0.14
  • mozilla firefox 2.0.0.15
  • mozilla firefox 2.0.0.16
  • mozilla firefox 2.0.0.17
  • mozilla firefox 2.0.0.18
  • mozilla firefox 2.0.0.19
  • mozilla firefox 2.0.0.20
  • mozilla firefox 2.0.0.21
  • mozilla firefox 2.0_.1
  • mozilla firefox 2.0_.4
  • mozilla firefox 2.0_.5
  • mozilla firefox 2.0_.6
  • mozilla firefox 2.0_.7
  • mozilla firefox 2.0_.9
  • mozilla firefox 2.0_.10
  • mozilla firefox 2.0_8
  • mozilla firefox 3.0
  • mozilla firefox 3.0.1
  • mozilla firefox 3.0.2
  • mozilla firefox 3.0.3
  • mozilla firefox 3.0.4
  • mozilla firefox 3.0.5
  • mozilla firefox 3.0.6
  • mozilla firefox 3.0.7
  • mozilla firefox 3.0.8
  • mozilla firefox 3.0.9
  • mozilla firefox 3.0.10
  • mozilla firefox 3.0.11
  • mozilla firefox 3.0.12
  • mozilla firefox 3.0.13
  • mozilla firefox 3.5
  • mozilla firefox 3.5.1

Ease of attack

CVE-2009-3075:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References