lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 1 Dec 2007 15:58:37 -0000 From: "Randal, Phil" <prandal@...efordshire.gov.uk> To: <full-disclosure@...ts.grok.org.uk> Subject: Re: Firefox 2.0.0.11 File Focus Stealing vulnerability And the Mozilla bugzilla number is? -----Original Message----- From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Juha-Matti Laurio Sent: 01 December 2007 15:25 To: carl hardwick; full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Firefox 2.0.0.11 File Focus Stealing vulnerability Netscape Navigator version 9.0.0.4 is affected too. Test done with PoC-type URL mentioned on Mac OS X 10.4.10 fully patched. Vendor was contacted on 1st Dec 2007. - Juha-Matti carl hardwick <hardwick.carl@...il.com> wrote: > Firefox 2.0.0.11 File Focus Stealing vulnerability: > > Sorry Mozilla, but the recent file focus fix was not enough. I think > Mozilla made another mistake while fixing the previous file/label > issue. Because now I embed a file field and a textfield inside one > label. When this happens, and you type only one time in the textfield, > the focus travels to the file field and the value travels with it. > Back to the drawing board I would say. I only got it to work in > Firefox, Gareth checked Safari for me, and it also works in Safari. I > guess this type of exploit could function on other HTML objects as > well, and could be very dangerous because it only requires a one time > focus in a textfield. > > PoC here: > http://carl-hardwick.googlegroups.com/web/Firefox20011StealFocusFlaw.h > tm > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists