Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
References
Link | Resource |
---|---|
http://secunia.com/advisories/12712 | Patch Vendor Advisory |
http://secunia.com/multiple_browsers_dialog_box_spoofing_test/ | Vendor Advisory |
http://secunia.com/multiple_browsers_form_field_focus_test/ | Vendor Advisory |
http://www.mozilla.org/security/announce/mfsa2005-05.html | Patch Vendor Advisory |
http://www.redhat.com/support/errata/RHSA-2005-323.html | Patch Vendor Advisory |
http://www.redhat.com/support/errata/RHSA-2005-335.html | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/18864 | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100050 | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10211 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-01-29T05:00:00
Updated: 2017-10-10T00:57:01
Reserved: 2005-01-25T00:00:00
Link: CVE-2004-1380
JSON object: View
NVD Information
Status : Modified
Published: 2004-10-20T04:00:00.000
Modified: 2017-10-11T01:29:45.717
Link: CVE-2004-1380
JSON object: View
Redhat Information
No data.
CWE