| Vulnerability Name: | CVE-2004-1753 (CCN-17137) | ||||||||
| Assigned: | 2004-08-27 | ||||||||
| Published: | 2004-08-27 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MISC Type: Exploit http://bugzilla.mozilla.org/show_bug.cgi?id=162134 Source: MITRE Type: CNA CVE-2004-1753 Source: CCN Type: SA12392 Netscape Apple Java Plugin Tab Spoofing Vulnerability Source: SECUNIA Type: UNKNOWN 12392 Source: CCN Type: OSVDB ID: 9270 Netscape Navigator Java Applet Tab Spoofing Source: BUGTRAQ Type: Exploit 20040826 Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State) Source: BUGTRAQ Type: Exploit 20040827 Re: Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State) Source: BUGTRAQ Type: Exploit 20040827 Re: Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State) Source: BID Type: Exploit 11059 Source: CCN Type: BID-11059 Mozilla/Netscape/Firefox Browsers XPCOM Plug-In For Apple Mac OSX Content Spoofing Vulnerability Source: XF Type: UNKNOWN netscape-java-tab-spoofing(17137) Source: XF Type: UNKNOWN netscape-java-tab-spoofing(17137) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||