Published: 07/06/2006 Updated: 18/10/2018

CVSS v2 Base Score: 4 | Impact Score: 4.9 | Exploitability Score: 4.9

VMScore: 410

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N

Mozilla Firefox 1.5.0.4, 2.0.x prior to 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions prior to 1.1.5, and Netscape 8.1 and previous versions allow user-assisted remote malicious users to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netscape navigator
mozilla firefox
mozilla seamonkey
mozilla firefox 1.5.0.4
mozilla mozilla suite 1.7.13
mozilla seamonkey 1.0.2

Debian Bug report logs - #447734 libxul0d: vulnerable to CVE-2007-5339 Package: libxul0d; Maintainer for libxul0d is (unknown); Reported by: Sam Morris <sam@robotsorguk> Date: Tue, 23 Oct 2007 13:18:01 UTC Severity: grave Tags: security Found in versions xulrunner/1816-1, xulrunner/18011-2 Fixed in versions xulrun ...

Various flaws were discovered in the layout and JavaScript engines By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user’s privileges (CVE-2007-5336, CVE-2007-5339, CVE-2007-5340) ...

Various flaws were discovered in the layout and JavaScript engines By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user’s privileges (CVE-2007-5339, CVE-2007-5340) ...

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access to the address of the next page to be load ...

Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1095 Michal Zalewski discovered that the unload event handler had access to the address of the next page t ...

Mozilla Foundation Security Advisory 2007-32 File input focus stealing vulnerability Announced October 18, 2007 Reporter hong, Charles McAuley Impact Moderate Products Firefox, SeaMonkey Fixed in ...

source: wwwsecurityfocuscom/bid/18308/info Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same pa ...

source: wwwsecurityfocuscom/bid/18308/info Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same page ...

CWE-20 http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html http://secunia.com/advisories/20442 http://secunia.com/advisories/20467 http://secunia.com/advisories/20470 http://secunia.com/advisories/20472 http://www.securityfocus.com/bid/18308 http://secunia.com/advisories/21532 http://archives.neohapsis.com/archives/bugtraq/2007-02/0166.html http://archives.neohapsis.com/archives/bugtraq/2007-02/0187.html http://lists.virus.org/full-disclosure-0702/msg00225.html http://lcamtuf.coredump.cx/focusbug/http://www.gnucitizen.org/blog/browser-focus-rip http://www.thanhngan.org/fflinuxversion.html https://bugzilla.mozilla.org/show_bug.cgi?id=290478 https://bugzilla.mozilla.org/show_bug.cgi?id=56236 https://bugzilla.mozilla.org/show_bug.cgi?id=370092 https://issues.rpath.com/browse/RPL-1858 http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html http://www.mandriva.com/security/advisories?name=MDKSA-2006:143 http://www.mandriva.com/security/advisories?name=MDKSA-2006:145 http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202 http://www.novell.com/linux/security/advisories/2007_57_mozilla.html http://www.ubuntu.com/usn/usn-536-1 http://securitytracker.com/id?1018837 http://secunia.com/advisories/27335 http://secunia.com/advisories/27383 http://secunia.com/advisories/27403 http://secunia.com/advisories/27387 http://secunia.com/advisories/27298 http://secunia.com/advisories/27414 http://securityreason.com/securityalert/1059 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1 http://www.vupen.com/english/advisories/2006/2160 http://www.vupen.com/english/advisories/2008/0083 http://www.vupen.com/english/advisories/2007/3544 http://www.vupen.com/english/advisories/2006/2163 http://www.vupen.com/english/advisories/2006/2164 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 http://www.vupen.com/english/advisories/2006/2162 http://www.mozilla.org/security/announce/2007/mfsa2007-32.html https://usn.ubuntu.com/535-1/http://www.securityfocus.com/archive/1/482932/100/200/threaded http://www.securityfocus.com/archive/1/482925/100/0/threaded http://www.securityfocus.com/archive/1/482876/100/200/threaded https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447734 https://nvd.nist.gov https://usn.ubuntu.com/535-1/https://www.exploit-db.com/exploits/27987/

CVE-2006-2894

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect