[Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
Guasconi Vincent
tyoptyop at gmail.com
Sun Jul 1 00:17:57 BST 2007
On 6/30/07, carl hardwick <hardwick.carl at gmail.com> wrote:
> New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities:
> This demo is very simple. when you input some text in the textarea,
> the file input element's value will also change to it. I tested it on
> Firefox 1.5.0.12 and 2.0.0.4.
>
> PoC here: http://yathong.googlepages.com/FirefoxFocusBug.html
Is there a link between your POC and this :
http://lcamtuf.coredump.cx/focusbug/
?
> credits by - Hong
mmmhh...
--
Guasconi Vincent
Etudiant.
http://altmylife.blogspot.com
Full-Disclosure is hosted and sponsored by Secunia.