Intrusion Prevention

Mozilla.Firefox.Address.Bar.Spoofing

Description

This indicates an attack attempt to exploit an Address Bar Spoofing vulnerability in Mozilla Firefox.
This issue is caused by an error in the vulnerable software when handling javascript that opens a malicious web page after a window.stop call. It may allow remote attackers to execute arbitrary code by sending a crafted web page.

Affected Products

Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7
SeaMonkey before 2.0.6

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the latest version,available from the web site.
http://www.mozilla.com

CVE References

CVE-2010-1206