FFOX-00-000011 – Firefox must be configured to prevent JavaScript from raising or lowering windows.

Details

JavaScript can raise and lower browser windows to cause improper input. Configure the browser setting to prevent scripts on visited websites from raising and lowering browser windows.

Solution

Windows group policy:
1. Open the group policy editor tool with ‘gpedit.msc’.
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesMozillaFirefox
Policy Name: Preferences
Policy State: Enabled
Policy Value:
{
‘dom.disable_window_flip’: {
‘Value’: true,
‘Status’: ‘locked’
}
}

macOS ‘plist’ file:
Add the following:
Preferences

dom.disable_window_flip

Value
Status
locked

Linux ‘policies.json’ file:
Add the following in the policies section:
‘Preferences’: {
‘dom.disable_window_flip’: {
‘Value’: true,
‘Status’: ‘locked’
}
}

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MOZ_Firefox_V6R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-7a.
CAT|II
CCI|CCI-000381
Rule-ID|SV-251555r807137_rule
STIG-ID|FFOX-00-000011
Vuln-ID|V-251555

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles