Netscape < 7.2 Cross-domain Window Injection
Low Nessus Network Monitor Plugin ID 2468
SynopsisThe remote browser allows attackers to spoof popup windows.
DescriptionThe remote host is using the Netscape 7 web browser. There is a flaw in this version of Netscape browser that allows an attacker to spoof popup windows from trusted hosts. An attacker exploiting this flaw would need to be able to entice a user to browse a malicious website while browsing a trusted site in another browser window. These sort of attacks are commonly referred to as 'Phishing' attacks.
SolutionUpgrade to Netscape 7.2 or higher.