Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Jun 16, 2026
CVE-2004-1314
CVE-2004-1314
Description
Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122.
Affected products
8cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:beta2:*:*:*:*:*:*:*
- (no CPE)range: 1.x
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.