BROWSER-FIREFOX -- Snort has detected traffic known to exploit vulnerabilities present in the Firefox browser, or products that have the "Gecko" engine (Thunderbird email client, etc.).
BROWSER-FIREFOX Mozilla Firefox default content process DACL sandbox escape attempt
This rule looks for a crafted Windows executable that will exploit a Firefox sandbox escape vulnerability.
This rule looks for an attempt to exploit a Mozilla Firefox sandbox escape vulnerability.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
N/A
Not Applicable
CVE-2020-12388The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. |
|