PT-2004-2120 · Mozilla+1 · Firefox+2

Publicado

2004-12-10

Atualizado

2017-10-11

CVE-2004-1156

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: Mozilla versions prior to 1.7.6 Firefox versions prior to 1.0.1

Description: The issue allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain. This can be demonstrated using a pop-up window on a trusted web site.

Recommendations: For Mozilla versions prior to 1.7.6, update to version 1.7.6 or later. For Firefox versions prior to 1.0.1, update to version 1.0.1 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-1156

RHSA-2005:176

RHSA-2005_176

RHSA-2005_384

Produtos afetados

Firefox

Mozilla Firefox

Red Hat

PT-2004-2120 · Mozilla+1 · Firefox+2

CVE-2004-1156

Identificadores relacionados

Produtos afetados

Referências · 61