Intrusion Prevention

Mozilla.Multiple.Headers.HTTP.Response.Splitting

Description

This indicates an attempt to exploit a remote URI Redirection vulnerability in Mozilla Multiple Products.
The vulnerability is caused by the application's failure to sanitize user supplied input. A successful attack may allow the attacker to load arbitrary pages.

Affected Products

Mozilla Foundation Firefox 3.6 prior to 3.6.23
Mozilla Foundation Firefox prior to 7.0
Mozilla Foundation SeaMonkey prior to 2.4
Mozilla Foundation Thunderbird prior to 7.0

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply patches or fixes from vendor, available from the website:
http://www.mozilla.org/security/announce/2011/mfsa2011-39.html

CVE References

CVE-2011-3000