CVE-2004-1381 Information

Description

Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab as originally reported using form fields which allows remote attackers to steal sensitive data that is intended for other sites which could facilitate phishing attacks.

Reference

http://secunia.com/advisories/12712 http://secunia.com/multiple_browsers_dialog_box_spoofing_test/ http://secunia.com/multiple_browsers_form_field_focus_test/ http://www.mozilla.org/security/announce/mfsa2005-05.html https://exchange.xforce.ibmcloud.com/vulnerabilities/17789 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A100053