New Search

Mozilla HTTP auth Prompt Tab Spoofing

oval:org.mitre.oval:def:100034

Firefox before 1.0.1 and Mozilla before 1.7.6 when displaying the HTTP Authentication dialog do not change the focus to the tab that generated the prompt which could facilitate spoofing and phishing attacks.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows NT
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows 2000
Class:
vulnerability
Reference(s):
  • CVE-2005-0584
Product(s):
  • Mozilla Firefox
  • mozilla