VDB
CVE-2004-0718
CVE-2004-0718
PUBLISHED
CVSS 7.5 HIGH
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
EPSS 1.91% · 83.6th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
1.91%
83.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| firebirdsql | firebird | 0.7 |
| n/a | n/a | n/a |
| mozilla | mozilla | 1.6 |
| netscape | navigator | 7.1 |
Exploit Intelligence
- DSA-810 (circl)
- DSA-777 (circl)
- http-frame-spoof(1598) (circl)
- SCOSA-2005.49 (circl)
- SUSE-SA:2004:036 (circl)
- RHSA-2004:421 (circl)
- MDKSA-2004:082 (circl)
- FLSA:2089 (circl)
- 15495 (circl)
- 11978 (circl)
…and 4 more exploits
Timeline
- Jul 23, 2004 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- DSA-810 vendor-advisory
- DSA-777 vendor-advisory
- http-frame-spoof(1598) vdb
- SCOSA-2005.49 vendor-advisory
- SUSE-SA:2004:036 vendor-advisory
- RHSA-2004:421 vendor-advisory
- MDKSA-2004:082 vendor-advisory
- FLSA:2089 vendor-advisory
- 15495 vdb
- 11978 third-party-advisory
- oval:org.mitre.oval:def:4756 vdb
- http://bugzilla.mozilla.org/show_bug.cgi?id=246448 url
- http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/ url
- oval:org.mitre.oval:def:9997 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2004-0718 advisory
- http://secunia.com/multiple_browsers_frame_injection_vulnerability_test url