Mozilla < 1.0.1 XMLSerializer Cross-domain Policy Access

Medium Log Correlation Engine Plugin ID 801339

Synopsis

N/A

Description

The remote host is using the Mozilla web browser. Running this version of Mozilla contains a flaw that may allow an attacker to set up a rogue web server which will gain access to the properties of other domains displayed in a frame or iframe.

Solution

Upgrade to Mozilla 1.0.1, 1.1 or higher.

Plugin Details

Severity: Medium

ID: 801339

File Name: 801339.prm

Family: Web Clients

Risk Information

Risk Factor: Medium

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Reference Information

BID: 5766