Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Firefox 2.0.0.11 File Focus Stealing vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
Firefox
by:
Unknown
N/A
CVSS
N/A
JavaScript key-filtering vulnerability
Unknown
CWE
Product Name: Firefox
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Firefox 2.0.0.11 File Focus Stealing vulnerability

The browsers fail to securely handle keystroke input from users, allowing attackers to steal focus and potentially capture sensitive data entered by the user. Exploiting this issue requires that users manually type sensitive data, which can be done through keyboard-based games, blogs, or other similar pages.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/26669/info

Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users.

Exploiting this issue requires that users manually type sensitive data. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input. 

<html>
<title>Firefox 2.0.0.11 File Focus Stealing vulnerability</title>
<body>
<form>
<label>
<input type="file" name="foo" />
<br>
<input type="text" name="bar"  />
</label>
</body>
</html>

Navigation

Suggest Exploit

Services By CQR