Lucene search
HistoryJul 27, 2004 - 4:00 a.m.
CVE-2004-0720
cve-2004-0720
safari 1.2.2
frame injection
web site spoofing
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.6%
Safari 1.2.2 does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
Affected configurations
Node
applesafariMatch1.2.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| apple:safari | apple safari | eq | 1.2.2 |
Related
cvelist
cvelist
CVE-2004-0720
2004-07-23 04:00:00
nvd
nvd
CVE-2004-0720
2004-07-27 04:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200507-14 (mozilla)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200507-14 (mozilla)
2008-09-24 00:00:00
nessus
nessus
Mac OS X Multiple Vulnerabilities (Security Update 2004-09-07)
2004-09-08 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.6%
Related for CVE-2004-0720