Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2004-1156
HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1156

2004-12-3105:00:00
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.4%

JSON

Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the “window injection” vulnerability.

Affected configurations

NVD
Node
mozillafirefoxMatch0.8
OR
mozillafirefoxMatch0.9
OR
mozillafirefoxMatch0.9rc
OR
mozillafirefoxMatch0.9.1
OR
mozillafirefoxMatch0.9.2
OR
mozillafirefoxMatch0.9.3
OR
mozillafirefoxMatch0.10
OR
mozillafirefoxMatch0.10.1
OR
mozillafirefoxMatch1.0
OR
mozillamozillaMatch0.8
OR
mozillamozillaMatch0.9.2
OR
mozillamozillaMatch0.9.2.1
OR
mozillamozillaMatch0.9.3
OR
mozillamozillaMatch0.9.4
OR
mozillamozillaMatch0.9.4.1
OR
mozillamozillaMatch0.9.5
OR
mozillamozillaMatch0.9.6
OR
mozillamozillaMatch0.9.7
OR
mozillamozillaMatch0.9.8
OR
mozillamozillaMatch0.9.9
OR
mozillamozillaMatch0.9.35
OR
mozillamozillaMatch0.9.48
OR
mozillamozillaMatch1.0
OR
mozillamozillaMatch1.0rc1
OR
mozillamozillaMatch1.0rc2
OR
mozillamozillaMatch1.0.1
OR
mozillamozillaMatch1.0.2
OR
mozillamozillaMatch1.1
OR
mozillamozillaMatch1.1alpha
OR
mozillamozillaMatch1.1beta
OR
mozillamozillaMatch1.2
OR
mozillamozillaMatch1.2alpha
OR
mozillamozillaMatch1.2beta
OR
mozillamozillaMatch1.2.1
OR
mozillamozillaMatch1.3
OR
mozillamozillaMatch1.3.1
OR
mozillamozillaMatch1.4
OR
mozillamozillaMatch1.4alpha
OR
mozillamozillaMatch1.4beta
OR
mozillamozillaMatch1.4.1
OR
mozillamozillaMatch1.4.2
OR
mozillamozillaMatch1.5
OR
mozillamozillaMatch1.5.1
OR
mozillamozillaMatch1.6
OR
mozillamozillaMatch1.7
OR
mozillamozillaMatch1.7alpha
OR
mozillamozillaMatch1.7beta
OR
mozillamozillaMatch1.7rc1
OR
mozillamozillaMatch1.7rc2
OR
mozillamozillaMatch1.7rc3
OR
mozillamozillaMatch1.7.1
OR
mozillamozillaMatch1.7.2
OR
mozillamozillaMatch1.7.3

Related

cvelist 1
ubuntucve 1
mozilla 1
cve 1
freebsd 1
openvas 7
nessus 9
redhat 3
gentoo 2
centos 2
ubuntu 1
cvelist
cvelist
CVE-2004-1156
2004-12-10 05:00:00
ubuntucve
ubuntucve
CVE-2004-1156
2004-12-31 00:00:00
mozilla
mozilla
Window Injection Spoofing — Mozilla
2005-02-24 00:00:00
cve
cve
CVE-2004-1156
2004-12-31 05:00:00
freebsd
freebsd
web browsers -- window injection vulnerabilities
2004-12-08 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200503-30 (Mozilla)
2008-09-24 00:00:00
nessus
nessus
FreeBSD : web browsers -- window injection vulnerabilities (b0911985-6e2a-11d9-9557-000a95bc6fae)
2005-07-13 00:00:00
Fedora Core 2 : mozilla-1.7.6-1.2.2 (2005-248)
2005-05-19 00:00:00
Fedora Core 3 : mozilla-1.7.6-1.3.2 (2005-249)
2005-09-12 00:00:00
redhat
redhat
(RHSA-2005:335) mozilla security update
2005-03-23 00:00:00
(RHSA-2005:176) firefox security update
2005-03-01 00:00:00
(RHSA-2005:384) Mozilla security update
2005-04-28 00:00:00
gentoo
gentoo
Mozilla Firefox: Various vulnerabilities
2005-03-04 00:00:00
Mozilla Suite: Multiple vulnerabilities
2005-03-25 00:00:00
centos
centos
mozilla security update
2005-04-29 03:28:26
galeon, mozilla security update
2005-04-30 07:03:15
ubuntu
ubuntu
Ubuntu 4.10 update for Firefox vulnerabilities
2005-07-28 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.3 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.4%

JSON
Related for NVD:CVE-2004-1156
cvelist1ubuntucve1mozilla1cve1freebsd1openvas7nessus9redhat3gentoo2centos2ubuntu1