CVE-2005-2272 Information

Description

Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks aka the \Dialog Origin Spoofing Vulnerability.\

Reference

http://docs.info.apple.com/article.html?artnum=302847 http://secunia.com/advisories/15474 http://secunia.com/advisories/17813 http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/ http://secunia.com/secunia_research/2005-12/advisory/ http://securitytracker.com/id?1015294 http://www.osvdb.org/17397 http://www.securityfocus.com/bid/14011 http://www.vupen.com/english/advisories/2005/2659 https://exchange.xforce.ibmcloud.com/vulnerabilities/21070