Galeon < 1.2.7 XMLSerializer Cross-domain Policy Access (deprecated)

Medium Nessus Network Monitor Plugin ID 1757

Synopsis

The remote host is using a vulnerable version of the Galeon web browser.

Description

The remote host is using the Galeon web browser. The version used contains a flaw that may allow an attacker to set up a rogue web server which will gain access to the properties of other domains displayed in a frame or iframe.

Solution

Upgrade to Galeon 1.2.7 or higher.

Plugin Details

Severity: Medium

ID: 1757

Family: Web Clients

Published: 2004/08/20

Modified: 2015/06/01

Dependencies: 1769

Risk Information

Risk Factor: Medium

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Reference Information

BID: 5766