CVE 2004-1156
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
Related bugs and status
CVE-2004-1156 (Candidate) is related to these bugs:
Bug #11193: [warty] Firefox Window Injection Vulnerability
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 11193 | [warty] Firefox Window Injection Vulnerability | firefox (Ubuntu) | Critical | Fix Released | ||
Bug #11467: KIOSlave FTP client can be made to send email
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 11467 | KIOSlave FTP client can be made to send email | kdelibs (Ubuntu) | High | Invalid | ||
| 11467 | KIOSlave FTP client can be made to send email | kdelibs (Debian) | Unknown | Fix Released | ||
Bug #12662: Typing comma on Firefox with num pad prints pipe on the screen
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 12662 | Typing comma on Firefox with num pad prints pipe on the screen | firefox (Ubuntu) | Medium | Fix Released | ||
Bug #12680: [warty] IDN support allows domain name spoofing
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 12680 | [warty] IDN support allows domain name spoofing | mozilla (Ubuntu) | High | Fix Released | ||
| 12680 | [warty] IDN support allows domain name spoofing | mozilla (Debian) | Unknown | Fix Released | ||
Bug #12706: [warty] Two problems in Firefox
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 12706 | [warty] Two problems in Firefox | firefox (Ubuntu) | High | Fix Released | ||
| 12706 | [warty] Two problems in Firefox | firefox (Debian) | Unknown | Fix Released | ||
Bug #12947: In some websites, Hebrew is shown reverse
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 12947 | In some websites, Hebrew is shown reverse | firefox (Ubuntu) | High | Fix Released | ||
Bug #13406: [Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 13406 | [Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function | mozilla (Ubuntu) | High | Fix Released | ||
| 13406 | [Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function | mozilla (Debian) | Unknown | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
