CVE-2004-1122

Sažetak

Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314.

Reference

http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html
http://secunia.com/advisories/12892
http://secunia.com/multiple_browsers_dialog_box_spoofing_test/
http://secunia.com/secunia_research/2004-10/

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-09-2008 - 19:29

Objavljeno

10-01-2005 - 05:00