Vulnerability Details CVE-2004-1122
Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html
- http://secunia.com/advisories/12892
- http://secunia.com/multiple_browsers_dialog_box_spoofing_test/
- http://secunia.com/secunia_research/2004-10/
- http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html
- http://secunia.com/advisories/12892
- http://secunia.com/multiple_browsers_dialog_box_spoofing_test/
- http://secunia.com/secunia_research/2004-10/