Full Disclosure: file upload widgets in IE and Firefox have issues

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

file upload widgets in IE and Firefox have issues

From: "Michel Lemay" <mlemay () coveo com>
Date: Wed, 7 Jun 2006 09:43:47 -0400

Would it be possible to use a similar technique to generate an URL with
query parameters containing user keystrokes?  This URL could then be
submitted to any compromised website.  The attacker could then look into
logs and have a peek at theses submitted requests.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

file upload widgets in IE and Firefox have issues Charles McAuley (Jun 05)
- Re: file upload widgets in IE and Firefox have issues Bart van Arnhem (Jun 08)
- <Possible follow-ups>
- file upload widgets in IE and Firefox have issues Michel Lemay (Jun 07)
  - Re: file upload widgets in IE and Firefox have issues Brian Eaton (Jun 07)
- file upload widgets in IE and Firefox have issues Danny (Jun 10)
  - Re: file upload widgets in IE and Firefox have issues Charles McAuley (Jun 12)