The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote malicious users to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 6.0 |