Threat Monitor
Exploit.JS.FoxFir.a
| Aliase: | |
|---|---|
| Pattern: | 200908131330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
|
This malicious program exploits vulnerability CVE-2009-2477.
Mozilla Firefox is prone to a remote code-execution vulnerability. The vulnerability is caused due to an error in the JIT (Just-in-Time) compiler(aka TraceMonkey) when returning from a native function, such as escape(),and can be exploited to trigger a memory corruption. The improper handling of font HTML tags by the TraceMonkey component of the JavaScript engine can cause the vulnerability. By persuading a victim to visit a specially-crafted Web site containing malicious JavaScript code, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system.
IE crashes when the sample runs.
Affected Versions:
Mozilla Firefox 3.5.x
Mozilla Firefox is prone to a remote code-execution vulnerability. The vulnerability is caused due to an error in the JIT (Just-in-Time) compiler(aka TraceMonkey) when returning from a native function, such as escape(),and can be exploited to trigger a memory corruption. The improper handling of font HTML tags by the TraceMonkey component of the JavaScript engine can cause the vulnerability. By persuading a victim to visit a specially-crafted Web site containing malicious JavaScript code, a remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system.
IE crashes when the sample runs.
Affected Versions:
Mozilla Firefox 3.5.x
