FreeBSD : mozilla -- 'Wrapped' javascript: urls bypass security checks (a81746a1-c2c7-11d9-89f7-02061b08fc24)

This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

A Mozilla Foundation Security Advisory reports :

Some security checks intended to prevent script injection were
incorrect and could be bypassed by wrapping a javascript: url in the
view-source : pseudo-protocol. Michael Krax demonstrated that a
variant of his favicon exploit could still execute arbitrary code, and
the same technique could also be used to perform cross-site scripting.

Georgi Guninski demonstrated the same flaw wrapping javascript: urls
with the jar: pseudo-protocol.

L. David Baron discovered a nested variant that defeated checks in the
script security manager.

Workaround: Disable JavaScript

See also :

http://www.mozilla.org/security/announce/mfsa2005-43.html
http://www.nessus.org/u?39e04dfe

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19070 (freebsd_pkg_a81746a1c2c711d989f702061b08fc24.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now