FreeBSD : web browsers -- window injection vulnerabilities (b0911985-6e2a-11d9-9557-000a95bc6fae)
High Nessus Plugin ID 19083
The remote FreeBSD host is missing one or more security-related updates.
A Secunia Research advisory reports : Secunia Research has reported a vulnerability in multiple browsers, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website. Secunia has constructed a test, which can be used to check if your browser is affected by this issue : http://secunia.com/multiple_browsers_window_injection_vulnerability_te st/ A workaround for Mozilla-based browsers is available.