Vulnerabilities > CVE-2004-1753
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 | |
| Application | 2 |
References
- http://bugzilla.mozilla.org/show_bug.cgi?id=162134
- http://bugzilla.mozilla.org/show_bug.cgi?id=162134
- http://secunia.com/advisories/12392
- http://secunia.com/advisories/12392
- http://www.securityfocus.com/archive/1/373080
- http://www.securityfocus.com/archive/1/373080
- http://www.securityfocus.com/archive/1/373232
- http://www.securityfocus.com/archive/1/373232
- http://www.securityfocus.com/archive/1/373309
- http://www.securityfocus.com/archive/1/373309
- http://www.securityfocus.com/bid/11059
- http://www.securityfocus.com/bid/11059
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17137