CVE 2004-1156
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
Related bugs and status
CVE-2004-1156 (Candidate) is related to these bugs:
Bug #11193: [warty] Firefox Window Injection Vulnerability
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
11193 | [warty] Firefox Window Injection Vulnerability | firefox (Ubuntu) | Critical | Fix Released |
Bug #11467: KIOSlave FTP client can be made to send email
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
11467 | KIOSlave FTP client can be made to send email | kdelibs (Ubuntu) | High | Invalid | ||
11467 | KIOSlave FTP client can be made to send email | kdelibs (Debian) | Unknown | Fix Released |
Bug #12662: Typing comma on Firefox with num pad prints pipe on the screen
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
12662 | Typing comma on Firefox with num pad prints pipe on the screen | firefox (Ubuntu) | Medium | Fix Released |
Bug #12680: [warty] IDN support allows domain name spoofing
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
12680 | [warty] IDN support allows domain name spoofing | mozilla (Ubuntu) | High | Fix Released | ||
12680 | [warty] IDN support allows domain name spoofing | mozilla (Debian) | Unknown | Fix Released |
Bug #12706: [warty] Two problems in Firefox
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
12706 | [warty] Two problems in Firefox | firefox (Ubuntu) | High | Fix Released | ||
12706 | [warty] Two problems in Firefox | firefox (Debian) | Unknown | Fix Released |
Bug #12947: In some websites, Hebrew is shown reverse
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
12947 | In some websites, Hebrew is shown reverse | firefox (Ubuntu) | High | Fix Released |
Bug #13406: [Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
13406 | [Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function | mozilla (Ubuntu) | High | Fix Released | ||
13406 | [Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function | mozilla (Debian) | Unknown | Fix Released |
See the
CVE page on Mitre.org
for more details.