Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2272

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2005-2272
Last Modified 07 Mar 2011 09:24:01
Published 13 Jul 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-2272

Summary

Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."

Vulnerable Systems

Application

  • Apple Safari 2.0


References

VUPEN - ADV-2005-2659

MISC - http://secunia.com/secunia_research/2005-12/advisory/

MISC - http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/

XF - mozilla-javascript-dialog-box-spoofing(21070)

BID - 14011

OSVDB - 17397

SECTRACK - 1015294

SECUNIA - 17813

SECUNIA - 15474

APPLE - APPLE-SA-2005-11-29


Last Updated: 27 May 2016 10:40:28