CVE-2004-1753
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
03/04/2025
Description
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
Impact
Base Score 2.0
2.60
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugzilla.mozilla.org/show_bug.cgi?id=162134
- http://secunia.com/advisories/12392
- http://www.securityfocus.com/archive/1/373080
- http://www.securityfocus.com/archive/1/373232
- http://www.securityfocus.com/archive/1/373309
- http://www.securityfocus.com/bid/11059
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17137
- http://bugzilla.mozilla.org/show_bug.cgi?id=162134
- http://secunia.com/advisories/12392
- http://www.securityfocus.com/archive/1/373080
- http://www.securityfocus.com/archive/1/373232
- http://www.securityfocus.com/archive/1/373309
- http://www.securityfocus.com/bid/11059
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17137