lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 1 Dec 2007 15:58:37 -0000
From: "Randal, Phil" <prandal@...efordshire.gov.uk>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Re: Firefox 2.0.0.11 File Focus Stealing
	vulnerability


 And the Mozilla bugzilla number is?


-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of
Juha-Matti Laurio
Sent: 01 December 2007 15:25
To: carl hardwick; full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] Firefox 2.0.0.11 File Focus Stealing
vulnerability

Netscape Navigator version 9.0.0.4 is affected too. Test done with
PoC-type URL mentioned on Mac OS X 10.4.10 fully patched.
Vendor was contacted on 1st Dec 2007.

- Juha-Matti

carl hardwick <hardwick.carl@...il.com> wrote: 
> Firefox 2.0.0.11 File Focus Stealing vulnerability:
> 
> Sorry Mozilla, but the recent file focus fix was not enough. I think 
> Mozilla made another mistake while fixing the previous file/label 
> issue. Because now I embed a file field and a textfield inside one 
> label. When this happens, and you type only one time in the textfield,

> the focus travels to the file field and the value travels with it.
> Back to the drawing board I would say. I only got it to work in 
> Firefox, Gareth checked Safari for me, and it also works in Safari. I 
> guess this type of exploit could function on other HTML objects as 
> well, and could be very dangerous because it only requires a one time 
> focus in a textfield.
> 
> PoC here:
> http://carl-hardwick.googlegroups.com/web/Firefox20011StealFocusFlaw.h
> tm
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists