FreeBSD : firefox -- PLUGINSPAGE privileged javascript execution (ce6ac624-aec8-11d9-a788-0001020eed82)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

A Mozilla Foundation Security Advisory reports :

When a webpage requires a plugin that is not installed, the user can
click to launch the Plugin Finder Service (PFS) to find an appropriate
plugin. If the service does not have an appropriate plugin, the EMBED
tag is checked for a PLUGINSPAGE attribute, and if one is found, the
PFS dialog will contain a 'manual install' button that will load the
PLUGINSPAGE URL.

Omar Khan reported that if the PLUGINSPAGE attribute contains a
javascript: url then pressing the button could launch arbitrary code
capable of stealing local data or installing malicious code.

Doron Rosenberg reported a variant that injects script by appending it
to a malformed URL of any protocol.

See also :

http://www.mozilla.org/security/announce/mfsa2005-34.html
https://bugzilla.mozilla.org/show_bug.cgi?id=288556
https://bugzilla.mozilla.org/show_bug.cgi?id=289171
http://www.nessus.org/u?92922aca

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 19129 (freebsd_pkg_ce6ac624aec811d9a7880001020eed82.nasl)

Bugtraq ID:

CVE ID: CVE-2005-0752
