New Search

Mozilla Inactive Tab Form Data Theft Vulnerability

oval:org.mitre.oval:def:100053

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab as originally reported using form fields which allows remote attackers to steal sensitive data that is intended for other sites which could facilitate phishing attacks.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 2000
  • Microsoft Windows Server 2003
  • Microsoft Windows XP
  • Microsoft Windows NT
Class:
vulnerability
Reference(s):
  • CVE-2004-1381
Product(s):
  • Mozilla Firefox
  • mozilla