CVE-2004-1753

Sažetak

The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.

Reference

http://bugzilla.mozilla.org/show_bug.cgi?id=162134
http://secunia.com/advisories/12392
http://www.securityfocus.com/archive/1/373080
http://www.securityfocus.com/archive/1/373232
http://www.securityfocus.com/archive/1/373309
http://www.securityfocus.com/bid/11059
https://exchange.xforce.ibmcloud.com/vulnerabilities/17137

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:31

Objavljeno

31-12-2004 - 05:00