BROWSER-FIREFOX -- Snort has detected traffic known to exploit vulnerabilities present in the Firefox browser, or products that have the "Gecko" engine (Thunderbird email client, etc.).
BROWSER-FIREFOX Mozilla Firefox default content process DACL sandbox escape attempt
This rule looks for a crafted Windows executable that will exploit a Firefox sandbox escape vulnerability.
What To Look For
This rule looks for an attempt to exploit a Mozilla Firefox sandbox escape vulnerability.
No public information
No known false positives
Cisco Talos Intelligence Group