The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:51
Type | Values Removed | Values Added |
---|---|---|
References | () http://bugzilla.mozilla.org/show_bug.cgi?id=162134 - Exploit | |
References | () http://secunia.com/advisories/12392 - | |
References | () http://www.securityfocus.com/archive/1/373080 - Exploit | |
References | () http://www.securityfocus.com/archive/1/373232 - Exploit | |
References | () http://www.securityfocus.com/archive/1/373309 - Exploit | |
References | () http://www.securityfocus.com/bid/11059 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/17137 - |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:51
NVD link : CVE-2004-1753
Mitre link : CVE-2004-1753
CVE.ORG link : CVE-2004-1753
JSON object : View
Products Affected
netscape
- navigator
mozilla
- mozilla
- firefox
CWE