Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Gecko-based Browsers for MacOS X Content Spoofing

Low

Synopsis

The remote host is vulnerable to a Script Injection attack.

Description

The remote host appears to be running a Gecko-based browser under the MacOS X operating system. It could be Mozilla, Camillo, Netscape or Firefox. This version of the software is vulnerable to a content spoofing issue because of a flaw in the third-party plug-in management. An attacker may write a malicious plug-in (or a Java applet) that may misrepresent or spoof the content of a alternate tab.

Solution

Upgrade or patch according to vendor recommendations.