icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Gecko-based Browsers for MacOS X Content Spoofing

Low

Synopsis

The remote host is vulnerable to a Script Injection attack.

Description

The remote host appears to be running a Gecko-based browser under the MacOS X operating system. It could be Mozilla, Camillo, Netscape or Firefox. This version of the software is vulnerable to a content spoofing issue because of a flaw in the third-party plug-in management. An attacker may write a malicious plug-in (or a Java applet) that may misrepresent or spoof the content of a alternate tab.

Solution

Upgrade or patch according to vendor recommendations.