V-251550
CAT IIFirefox must be configured to not automatically execute or download MIME types that are not authorized for auto-download.
- Ships Affected
- 1
- Total Findings
- 4
- Open
- 0
- Closed
- 4
Check Text
Type "about:preferences" in the browser address bar.
Type "Applications" in the Find bar in the upper-right corner.
Determine if any of the following file extensions are listed: HTA, JSE, JS, MOCHA, SHS, VBE, VBS, SCT, WSC, FDF, XFDF, LSL, LSO, LSS, IQY, RQY, DOS, BAT, PS, EPS, WCH, WCM, WB1, WB3, WCH, WCM, AD.
If the entry exists and the "Action" is "Save File" or "Always Ask", this is not a finding.
If an extension exists and the entry in the Action column is associated with an application that does/can execute the code, this is a finding.
Fix Text
Remove any unauthorized extensions from the auto-download list.
STIG Reference
- STIG
- Mozilla Firefox Security Technical Implementation Guide
- Version
- 6
- Release
- 7
- Rule ID
- SV-251550r961194_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl | Unassigned | 2026-03-04T15:25:41.899130 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl | Unassigned | 2026-03-04T15:25:15.868210 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl | Unassigned | 2026-01-14T12:57:27.870047 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl | Unassigned | 2026-01-14T12:57:25.596878 | View in Context |