|
|
Mozilla Firefox JavaScript Key Filtering Variant Vulnerability
Mozilla Firefox is prone to a JavaScript key-filtering vulnerability because the browser fails to securely handle keystroke input from users. Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue. Mozilla Firefox 1.5.0.9 and 2.0.0.1 are vulnerable to this issue; other versions may also be affected. Applications based on the open-source Mozilla rendering engine may also be affected. This issue is a variant of the one described in BID 18308 (Multiple Vendor Web Browser JavaScript Key Filtering Vulnerability). |
|
Privacy Statement |