CVE Vulnerabilities

CVE-2004-1753

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 0.9.3 (including) 0.9.3 (including)
Mozilla Mozilla 1.7.2 (including) 1.7.2 (including)
Navigator Netscape 7.1 (including) 7.1 (including)
Navigator Netscape 7.2 (including) 7.2 (including)

References