Navigate

Check: FFOX-00-000006

Mozilla Firefox STIG: FFOX-00-000006 (in versions v6 r5 through v6 r3)

Title

Firefox must be configured to not automatically execute or download MIME types that are not authorized for auto-download. (Cat II impact)

Discussion

Some files can be downloaded or execute without user interaction. This setting ensures these files are not downloaded and executed.

Check Content

Type "about:preferences" in the browser address bar. Type "Applications" in the Find bar in the upper-right corner. Determine if any of the following file extensions are listed: HTA, JSE, JS, MOCHA, SHS, VBE, VBS, SCT, WSC, FDF, XFDF, LSL, LSO, LSS, IQY, RQY, DOS, BAT, PS, EPS, WCH, WCM, WB1, WB3, WCH, WCM, AD. If the entry exists and the "Action" is "Save File" or "Always Ask", this is not a finding. If an extension exists and the entry in the Action column is associated with an application that does/can execute the code, this is a finding.

Fix Text

Remove any unauthorized extensions from the auto-download list.

Additional Identifiers

Rule ID: SV-251550r879664_rule

Vulnerability ID: V-251550

Group Title: SRG-APP-000278

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-001242	The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
SI-3	Malicious Code Protection