CVE-2007-3511

Severity

43%

Complexity

86%

Confidentiality

48%

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Overview

Type

Mozilla

First reported 17 years ago

2007-07-03 10:30:00

Last updated 6 years ago

2018-10-15 21:29:00

Affected Software

Mozilla Firefox 1.5.0.12

1.5.0.12

Mozilla Firefox 2.0.0.4

2.0.0.4

Mozilla Firefox 2.0.0.5

2.0.0.5

Mozilla Firefox 2.0.0.6

2.0.0.6

Mozilla Firefox

Mozilla SeaMonkey 1.0

1.0

Mozilla SeaMonkey 1.0 alpha

1.0

Mozilla SeaMonkey 1.0 beta

1.0

Mozilla SeaMonkey 1.0.1

1.0.1

Mozilla SeaMonkey 1.0.2

1.0.2

Mozilla SeaMonkey 1.0.3

1.0.3

Mozilla SeaMonkey 1.0.4

1.0.4

Mozilla SeaMonkey 1.0.5

1.0.5

Mozilla SeaMonkey 1.0.6

1.0.6

Mozilla SeaMonkey 1.0.7

1.0.7

Mozilla SeaMonkey 1.0.8

1.0.8

Mozilla SeaMonkey 1.0.9

1.0.9

Mozilla SeaMonkey 1.1

1.1

Mozilla Seamonkey 1.1.1

1.1.1

Mozilla Seamonkey 1.1.2

1.1.2

Mozilla Seamonkey 1.1.3

1.1.3

Mozilla SeaMonkey

References

20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities

20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities

HPSBUX02153

37994

25904

Vendor Advisory

27276

Vendor Advisory

27298

Vendor Advisory

27325

Vendor Advisory

27327

Vendor Advisory

27335

Vendor Advisory

27336

Vendor Advisory

27356

Vendor Advisory

27383

Vendor Advisory

27387

Vendor Advisory

27403

Vendor Advisory

27414

Vendor Advisory

27425

Vendor Advisory

27480

Vendor Advisory

27680

Vendor Advisory

1018837

http://sla.ckers.org/forum/read.php?3,13142

201516

http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

DSA-1392

DSA-1396

DSA-1401

MDKSA-2007:202

http://www.mozilla.org/security/announce/2007/mfsa2007-32.html

SUSE-SA:2007:057

RHSA-2007:0979

RHSA-2007:0980

RHSA-2007:0981

20071026 rPSA-2007-0225-1 firefox

20071029 FLEA-2007-0062-1 firefox

20071029 rPSA-2007-0225-2 firefox thunderbird

24725

USN-536-1

ADV-2007-3544

Vendor Advisory

ADV-2007-3587

Vendor Advisory

ADV-2008-0083

Vendor Advisory

http://yathong.googlepages.com/FirefoxFocusBug.html

Exploit

firefox-focus-security-bypass(35299)

https://issues.rpath.com/browse/RPL-1858

oval:org.mitre.oval:def:9763

USN-535-1

FEDORA-2007-3431

FEDORA-2007-2601

FEDORA-2007-2664

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.