Check Point Advisories

Protection against Mozilla Firefox SSL Tampering via non-200 Responses to Proxy CONNECT Requests

Check Point Reference: SBP-2009-11
Date Published: 6 Jul 2009
Severity: High
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA35331
Industry Reference:CVE-2009-1836
Protection Provided by:
Who is Vulnerable? Mozilla Firefox before 3.0.11
Thunderbird before 2.0.0.22
SeaMonkey before 1.1.17
Vulnerability Description Mozilla Firefox, Thunderbird and SeaMonkey use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server. A vulnerability was reported in Mozilla Firefox, a feely available Web browser. The vulnerability resides in the handling of non-200 responses after a CONNECT request to a proxy. This can be exploited to execute arbitrary HTML and script code in the requested SSL-protected domain.
Vulnerability DetailsAn error in the handling of non-200 responses after a CONNECT request to a proxy can be exploited to execute arbitrary HTML and script code in the requested SSL-protected domain. Successful exploitation requires a MitM (Man-in-the-Middle) attack and that the victim uses a proxy.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK