CVE-2004-1380 - CVE Reference - Advisories

CVE Reference: CVE-2004-1380

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-1380

Description: Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/18864 SAID Secunia Advisory: SA12712 REDHAT http://www.redhat.com/support/errata/RHSA-2005-323.html http://www.redhat.com/support/errata/RHSA-2005-335.html OVAL http://oval.mitre.org/oval/definitions/data/oval100050.html MISC http://secunia.com/multiple_browsers_form_field_focus_test/ http://secunia.com/multiple_browsers_dialog_box_spoofing_test/ CONFIRM http://www.mozilla.org/security/announce/mfsa2005-05.html

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Linux Kernel LDT Buffer Size Handling Vulnerability

2.	Drupal Session Fixation Vulnerability

3.	OpenBSD BIND Query Port DNS Cache Poisoning

4.	Ubuntu update for php

5.	IPCop update for perl

6.	Red Hat update for kernel

7.	Slackware update for dnsmasq

8.	Debian update for xulrunner

9.	Red Hat update for thunderbird

10.	Fedora update for asterisk