FreeBSD Ports : Multiple Browsers Frame Injection

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch

Description :

The remote host is running one of the following package :

kdelibs < 3.2.3_3
kdebase < 3.2.3_1
7.50 <= linux-opera < 7.52
7.50 <= opera < 7.52
firefox < 0.9
linux-mozilla < 1.7
linux-mozilla-devel < 1.7
mozilla-gtk1 < 1.7
mozilla < 1.7,2
netscape7 < 7.2

These packages contain a bug which may allow an attacker to perform a frame
injection. An attacker may exploit this flaw by setting up a rogue website
which would insert its own frames in the pages of an otherwise trusted
web site.

Solution :

http://www.vuxml.org/freebsd/641859e8-eca1-11d8-b913-000c41e2cdad.html

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 14758 (freebsd_multiple_browsers_frame_injection.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0717
CVE-2004-0718
CVE-2004-0721

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now