VYPR
Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Jun 16, 2026

CVE-2004-1314

CVE-2004-1314

Description

Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability, a different vulnerability than CVE-2004-1122.

Affected products

8
  • Apple Inc./Safari8 versions
    cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:1.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:safari:beta2:*:*:*:*:*:*:*
    • (no CPE)range: 1.x

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.