CVE-2005-0584 Information

Description

Firefox before 1.0.1 and Mozilla before 1.7.6 when displaying the HTTP Authentication dialog do not change the focus to the tab that generated the prompt which could facilitate spoofing and phishing attacks.

Reference

http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml http://www.mozilla.org/security/announce/mfsa2005-24.html http://www.redhat.com/support/errata/RHSA-2005-176.html http://www.redhat.com/support/errata/RHSA-2005-384.html https://bugzilla.mozilla.org/show_bug.cgi?id=277574 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A100034 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11191