Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the window injection vulnerability, a different vulnerability than CVE-2004-1122.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Safari | Apple | 1.2.2 | 1.2.2 |
Safari | Apple | 1.0 | 1.0 |
Safari | Apple | 1.2.1 | 1.2.1 |
Safari | Apple | 1.1 | 1.1 |
Safari | Apple | 1.2 | 1.2 |
Safari | Apple | beta2 | beta2 |
Safari | Apple | 1.2.3 | 1.2.3 |