CVE-2004-1122

Published: Jan 10, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "Dialog Box Spoofing Vulnerability," a different vulnerability than CVE-2004-1314.

Affected (1)

Products: Apple: Safari

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Safari	Version 1.2.3

References (8)

http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

Source: cve@mitre.org

http://secunia.com/advisories/12892

Source: cve@mitre.org

http://secunia.com/multiple_browsers_dialog_box_spoofing_test/

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/secunia_research/2004-10/

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2004/Dec/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/12892

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/multiple_browsers_dialog_box_spoofing_test/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/secunia_research/2004-10/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.