|
Family: Windows --> Category: infos
Mozilla/Firefox user interface spoofing Vulnerability Scan
Vulnerability Scan Summary Acertains the version of Mozilla/Firefox
Detailed Explanation for this Vulnerability Test
The remote host is using Mozilla and/or Firefox, an alternative web browser.
This web browser supports the XUL (XML User Interface Language), a language
designed to manipulate the user interface of the browser itself.
Since XUL gives the full control of the browser GUI to the visited websites,
a possible hacker may use it to spoof a third party website and therefore pretend
that the URL and Certificates of the website are legitimate.
In addition to this, the remote version of this browser is vulnerable to a
flaw which may allow a malicious web site to spoof security properties
such as SSL certificates and URIs.
See also : http://www.nd.edu/~jsmith30/xul/test/spoof.html
Solution : None at this time
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|