Home > Vulnerability Database > CVE-2004-1381

Mend.io Vulnerability Database

CVE-2004-1381

Date: October 19, 2004

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks.

Severity Score

5.3

Related Resources (9)

Url: http://secunia.com/advisories/12712

Url: http://www.mozilla.org/security/announce/mfsa2005-05.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100053

Url: https://nvd.nist.gov/vuln/detail/CVE-2004-1381

Url: http://secunia.com/multiple_browsers_dialog_box_spoofing_test/

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2004-1381

Url: http://secunia.com/multiple_browsers_form_field_focus_test/

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/17789

Url: https://www.mend.io/vulnerability-database/CVE-2004-1381

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2004-1381

Date: October 19, 2004

Severity Score

Related Resources (9)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?