|
Mozilla / Mozilla Firefox Apple Java Plugin Tab Spoofing Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA12403
|
|
|
Release Date:
|
2004-08-30
|
|
Last Update:
|
2004-12-10
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Spoofing
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | Mozilla 1.7.x
Mozilla Firefox 0.x
Mozilla Firefox 1.x
|
|
|
This advisory is currently marked as unpatched!
- Companies can be alerted when a patch is released! |
|
|
Description:
A vulnerability has been reported in Mozilla / Mozilla Firefox, which can be exploited by malicious people to conduct phishing attacks.
The vulnerability has been confirmed in Mozilla 1.7.2, Firefox 0.9.3, and Firefox 1.0 on Mac OS X 10.3.5. Other versions may also be affected.
For more information:
SA12392
Solution:
Disable Java support.
Open untrusted sites in separate windows.
Changelog:
2004-12-10: Mozilla Firefox 1.0 is also vulnerable. Added software and updated "Description" section.
Other References:
SA12392:
http://secunia.com/advisories/12392/
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
76 Related Secunia Security Advisories, displaying 10
|
|
|
1. Firefox "-chrome" Parameter Security Issue
|
|
2. Firefox "OnKeyDown" Event Focus Weakness
|
|
3. Mozilla Firefox / Seamonkey "resource://" Information Disclosure
|
|
4. Mozilla Firefox Multiple Vulnerabilities
|
|
5. Mozilla Firefox Multiple Vulnerabilities
|
|
6. Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability
|
|
7. Mozilla Firefox Multiple Vulnerabilities
|
|
8. Firefox Password Manager Information Disclosure
|
|
9. Mozilla Firefox and SeaMonkey Multiple Vulnerabilities
|
|
10. Mozilla Firefox Multiple Vulnerabilities
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
