CVE Reference: CVE-2004-1753

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2004-1753

Description:
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/17137

SAID
  Secunia Advisory: SA12392

MISC
  http://bugzilla.mozilla.org/show_bug.cgi?id=162134

BUGTRAQ
  http://www.securityfocus.com/archive/1/373232
  http://www.securityfocus.com/archive/1/373309
  http://www.securityfocus.com/archive/1/373080

BID
  11059


Return to the previous page.