5
CVE-2004-1380
- EPSS 3.68%
- Veröffentlicht 20.10.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows and facilitate phishing attacks, aka the "Dialog Box Spoofing Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.68% | 0.882 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://www.redhat.com/support/errata/RHSA-2005-323.html
http://secunia.com/advisories/12712
http://secunia.com/multiple_browsers_dialog_box_spoofing_test/
http://secunia.com/multiple_browsers_form_field_focus_test/
http://www.mozilla.org/security/announce/mfsa2005-05.html
http://www.redhat.com/support/errata/RHSA-2005-335.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/18864
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100050
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10211