QwikSec

Security Database

CVE

CWE

Training

CVE-2004-1753

Published: Feb 26, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20040827 Re: Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State)

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

20040826 Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State)

mailing-list

x_refsource_BUGTRAQ

netscape-java-tab-spoofing(17137)

vdb-entry

x_refsource_XF

20040827 Re: Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State)

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

http://bugzilla.mozilla.org/show_bug.cgi?id=162134

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.