FreeBSD : mozilla -- code execution via Quicktime media-link files (3ce8c7e2-66cf-11dc-b25f-02e0185f8d72)
Medium Nessus Plugin ID 26088
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe Mozilla Foundation reports a vulnerability within the mozilla browser. This vulnerability also affects various other browsers like firefox and SeaMonkey. The vulnerability is caused by QuickTime Media-Link files that contain a qtnext attribute. This could allow an attacker to start the browser with arbitrary command-line options.
This could allow the attacker to install malware, steal local data and possibly execute and/or do other arbitrary things within the users context.
SolutionUpdate the affected packages.