CVE-2004-1314

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-1314
Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html
http://secunia.com/advisories/13252/
http://secunia.com/multiple_browsers_window_injection_vulnerability_test/
http://secunia.com/secunia_research/2004-13/advisory/
https://exchange.xforce.ibmcloud.com/vulnerabilities/18397
http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html
http://secunia.com/advisories/13252/
http://secunia.com/multiple_browsers_window_injection_vulnerability_test/
http://secunia.com/secunia_research/2004-13/advisory/
https://exchange.xforce.ibmcloud.com/vulnerabilities/18397
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:beta2:*:*:*:*:*:*:*
History

20 Nov 2024, 23:50

Type Values Removed Values Added
References () http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html - () http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html -
References () http://secunia.com/advisories/13252/ - () http://secunia.com/advisories/13252/ -
References () http://secunia.com/multiple_browsers_window_injection_vulnerability_test/ - () http://secunia.com/multiple_browsers_window_injection_vulnerability_test/ -
References () http://secunia.com/secunia_research/2004-13/advisory/ - () http://secunia.com/secunia_research/2004-13/advisory/ -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/18397 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/18397 -
Information

Published : 2005-01-10 05:00

Updated : 2024-11-20 23:50

NVD link : CVE-2004-1314

Mitre link : CVE-2004-1314

CVE.ORG link : CVE-2004-1314

JSON object : View

Products Affected

apple

  • safari
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024