Mozilla FireFox OnKeyDown事件文件上传漏洞

漏洞信息详情

Mozilla FireFox OnKeyDown事件文件上传漏洞

• CNNVD编号：CNNVD-200707-040
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2007-3511
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2007-07-03
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2009-01-10
  
• 厂        商：
  
  mozilla
• 漏洞来源：
  Carl Hardwick※ har…

Mozilla FireFox是一款流行的开源WEB浏览器。

FireFox在处理文件上传时存在漏洞，恶意网站可能利用此漏洞获取用户系统上的文件。

Firefox没有正确地处理表单字段的焦点，允许攻击者通过OnKeyDown事件将焦点从textarea字段更改至file upload字段，如果用户访问了恶意站点并向textarea输入表单键入了文件名的话，就可能将系统上的任意文件上传到恶意站点。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：
http://www.mozilla.org/projects/seamonkey/
http://www.mozilla.com/en-US/firefox/
https://www.redhat.com/support/errata/RHSA-2007-0980.html
https://www.redhat.com/support/errata/RHSA-2007-0979.html

https://www.redhat.com/support/errata/RHSA-2007-0981.html

来源: FEDORA
名称: FEDORA-2007-2664
链接:https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html

来源: FEDORA
名称: FEDORA-2007-2601
链接:https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html

来源: FEDORA
名称: FEDORA-2007-3431
链接:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html

来源: issues.rpath.com
链接:https://issues.rpath.com/browse/RPL-1858

来源: MISC
链接:http://yathong.googlepages.com/FirefoxFocusBug.html

来源: XF
名称: firefox-focus-security-bypass(35299)
链接:http://xforce.iss.net/xforce/xfdb/35299

来源: UBUNTU
名称: USN-535-1
链接:http://www.ubuntulinux.org/support/documentation/usn/usn-535-1

来源: UBUNTU
名称: USN-536-1
链接:http://www.ubuntu.com/usn/usn-536-1

来源: BID
名称: 24725
链接:http://www.securityfocus.com/bid/24725

来源: BUGTRAQ
名称: 20071029 rPSA-2007-0225-2 firefox thunderbird
链接:http://www.securityfocus.com/archive/1/archive/1/482932/100/200/threaded

来源: BUGTRAQ
名称: 20071029 FLEA-2007-0062-1 firefox
链接:http://www.securityfocus.com/archive/1/archive/1/482925/100/0/threaded

来源: BUGTRAQ
名称: 20071026 rPSA-2007-0225-1 firefox
链接:http://www.securityfocus.com/archive/1/archive/1/482876/100/200/threaded

来源: REDHAT
名称: RHSA-2007:0981
链接:http://www.redhat.com/support/errata/RHSA-2007-0981.html

来源: REDHAT
名称: RHSA-2007:0980
链接:http://www.redhat.com/support/errata/RHSA-2007-0980.html

来源: REDHAT
名称: RHSA-2007:0979
链接:http://www.redhat.com/support/errata/RHSA-2007-0979.html

来源: SUSE
名称: SUSE-SA:2007:057
链接:http://www.novell.com/linux/security/advisories/2007_57_mozilla.html

来源: www.mozilla.org
链接:http://www.mozilla.org/security/announce/2007/mfsa2007-32.html

来源: MANDRIVA
名称: MDKSA-2007:202
链接:http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202

来源: VUPEN
名称: ADV-2008-0083
链接:http://www.frsirt.com/english/advisories/2008/0083

来源: VUPEN
名称: ADV-2007-3587
链接:http://www.frsirt.com/english/advisories/2007/3587

来源: VUPEN
名称: ADV-2007-3544
链接:http://www.frsirt.com/english/advisories/2007/3544

来源: DEBIAN
名称: DSA-1401
链接:http://www.debian.org/security/2007/dsa-1401

来源: DEBIAN
名称: DSA-1396
链接:http://www.debian.org/security/2007/dsa-1396

来源: DEBIAN
名称: DSA-1392
链接:http://www.debian.org/security/2007/dsa-1392

来源: support.novell.com
链接:http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

来源: SUNALERT
名称: 201516
链接:http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1

来源: MISC
链接:http://sla.ckers.org/forum/read.php?3,13142

来源: SECTRACK
名称: 1018837
链接:http://securitytracker.com/id?1018837

来源: SECUNIA
名称: 27680
链接:http://secunia.com/advisories/27680

来源: SECUNIA
名称: 27480
链接:http://secunia.com/advisories/27480

来源: SECUNIA
名称: 27425
链接:http://secunia.com/advisories/27425

来源: SECUNIA
名称: 27414
链接:http://secunia.com/advisories/27414

来源: SECUNIA
名称: 27403
链接:http://secunia.com/advisories/27403

来源: SECUNIA
名称: 27387
链接:http://secunia.com/advisories/27387

来源: SECUNIA
名称: 27383
链接:http://secunia.com/advisories/27383

来源: SECUNIA
名称: 27356
链接:http://secunia.com/advisories/27356

来源: SECUNIA
名称: 27336
链接:http://secunia.com/advisories/27336

来源: SECUNIA
名称: 27335
链接:http://secunia.com/advisories/27335

来源: SECUNIA
名称: 27327
链接:http://secunia.com/advisories/27327

来源: SECUNIA
名称: 27325
链接:http://secunia.com/advisories/27325

来源: SECUNIA
名称: 27298
链接:http://secunia.com/advisories/27298

来源: SECUNIA
名称: 27276
链接:http://secunia.com/advisories/27276

来源: SECUNIA
名称: 25904
链接:http://secunia.com/advisories/25904

来源: HP
名称: HPSBUX02153
链接:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

来源: HP
名称: HPSBUX02153
链接:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

来源: HP
名称: HPSBUX02153
链接:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

来源: FULLDISC
名称: 20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
链接:http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html