CVE-2004-1380
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
55.8%
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the “Dialog Box Spoofing Vulnerability.”
References
secunia.com/advisories/12712
secunia.com/multiple_browsers_dialog_box_spoofing_test/
secunia.com/multiple_browsers_form_field_focus_test/
www.mozilla.org/security/announce/mfsa2005-05.html
www.redhat.com/support/errata/RHSA-2005-323.html
www.redhat.com/support/errata/RHSA-2005-335.html
exchange.xforce.ibmcloud.com/vulnerabilities/18864
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100050
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10211
Related
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
55.8%