Shu_b
07.06.2006, 09:30
file upload widgets in IE and Firefox have issues
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html
Firefox File Upload Form Keystroke Event Cancel Vulnerability
http://secunia.com/advisories/20442/
Release Date: 2006-06-06
Critical: Less critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Unpatched
Software:
Mozilla Firefox 1.x
Mozilla SeaMonkey 1.x
Mozilla 1.7.x
Netscape 8.x
Description:
Charles McAuley has reported a vulnerability in Firefox, which can be exploited by malicious people to trick users into disclosing sensitive information.
The vulnerability is caused due to a design error where a script can cancel certain keystroke events when entering text. This can be exploited to trick a user into typing a filename in a file upload input field by changing focus and cancelling the "OnKeyPress" JavaScript event on certain characters.
Successful exploitation allows an arbitrary file on the user's system to be uploaded to a malicious web site, but requires that the user types a text containing the characters of the filename.
The vulnerability has been confirmed in version 1.5.0.4. Other versions may also be affected.
Solution: Disable JavaScript support.
Do not enter suspicious text when visiting untrusted web sites.
Internet Explorer File Upload Form Keystroke Event Cancel Vulnerability
http://secunia.com/advisories/20449/
Release Date: 2006-06-06
Critical: Less critical
Impact: Exposure of sensitive information
Where: From remote
Solution Status: Unpatched
Software: Microsoft Internet Explorer 6.x
Description:
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to trick users into disclosing sensitive information.
The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions may also be affected.
Solution: Disable Active Scripting support.
Do not enter suspicious text when visiting untrusted web sites.