FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Multiple browser frame injection vulnerability

Affected packages
kdelibs < 3.2.3_3
kdebase < 3.2.3_1
7.50 <= linux-opera < 7.52
7.50 <= opera < 7.52
firefox < 0.9
linux-mozilla < 1.7
linux-mozilla-devel < 1.7
mozilla-gtk1 < 1.7
mozilla < 1.7,2
netscape7 < 7.2


VuXML ID 641859e8-eca1-11d8-b913-000c41e2cdad
Discovery 2004-08-11
Entry 2004-08-12
Modified 2004-09-14

A class of bugs affecting many web browsers in the same way was discovered. A Secunia advisory reports:

The problem is that the browsers don't check if a target frame belongs to a website containing a malicious link, which therefore doesn't prevent one browser window from loading content in a named frame in another window.

Successful exploitation allows a malicious website to load arbitrary content in an arbitrary frame in another browser window owned by e.g. a trusted site.

A KDE Security Advisory reports:

A malicious website could abuse Konqueror to insert its own frames into the page of an otherwise trusted website. As a result the user may unknowingly send confidential information intended for the trusted website to the malicious website.
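The missing check described in the advisories above, shown as a simplified JavaScript model of frame-target resolution. This is an added example, not code from the advisories or from any affected browser; the frame objects, function names, example origins and the ownership rule (a frame belongs to the origin of its parent document) are assumptions made for illustration.

```javascript
// Simplified model (assumption): a frame has a name, the origin of the
// document it shows, and a parent frame (null for a top-level window).
function makeFrame(name, origin, parent = null) {
  const frame = { name, origin, parent, children: [] };
  if (parent) parent.children.push(frame);
  return frame;
}

// Depth-first search for a named frame inside one window's frame tree.
function findByName(root, name) {
  if (root.name === name) return root;
  for (const child of root.children) {
    const hit = findByName(child, name);
    if (hit) return hit;
  }
  return null;
}

// Behaviour the advisory describes: the target name is resolved across
// every open window and no ownership check is made.
function resolveTargetUnchecked(windows, source, targetName) {
  for (const w of windows) {
    const hit = findByName(w, targetName);
    if (hit) return hit;
  }
  return null;
}

// Ownership check (assumed rule): the document that owns the target frame
// must come from the same origin as the document containing the link.
function mayNavigate(source, target) {
  const owner = target.parent || target; // a top-level window owns itself
  return owner.origin === source.origin;
}

// Hardened resolution: same lookup, but the result is refused unless the
// ownership check passes.
function resolveTargetChecked(windows, source, targetName) {
  const target = resolveTargetUnchecked(windows, source, targetName);
  return target && mayNavigate(source, target) ? target : null;
}

// Constructed sample: a trusted site with a named frame, and an unrelated site.
const trusted = makeFrame("", "https://trusted.example");
const content = makeFrame("main", "https://trusted.example", trusted);
const other = makeFrame("", "https://other.example");
const windows = [trusted, other];
```

With the unchecked resolver, a link in the unrelated window that targets `main` resolves to the trusted site's frame; the checked resolver returns `null` for that link and still lets the trusted site address its own frame.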

Secunia has provided a demonstration of the vulnerability at


CVE Name CVE-2004-0717
CVE Name CVE-2004-0718
CVE Name CVE-2004-0721