Intrusion Prevention

Mozilla.Firefox.JavaScript.BOM.Characters.Stripping.XSS

Description

This indicates an attack attempt against a cross-site scripting (XSS) vulnerability in Mozilla Firefox.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted webpage. It allows a remote attacker to conduct XSS attacks.

Affected Products

Mozilla Firefox 3.0.1 and previous versions
Mozilla Firefox 2.0.0.16 and previous versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to Mozilla Firefox version 3.0.2 or 2.0.0.17:
http://www.mozilla.com/firefox/

CVE References

CVE-2008-4065