Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities

[Joseph Hick <leet16y () yahoo com>]

Oh! I was wrong. I didn't see file1's value is
assigned to text1's value.

certainly, it is a flaw as nicely explained by
Zalewski.

I wrote a PoC myself and found that it's not necessary
to put focus on the label. focussing the file input
also works. I succeeded in writing the same PoC
without label with minor modifications.

--- Martin Thurau <laus () hrnz net> wrote:

> i had exactly the same thoughts. the only thing to
> wonder is, why
> firefox process the actual input after it did the
> "onkeydown". but this
> is only "weird" and not a "flaw".
>
>
> Joseph Hick wrote:
> > i didn't understand your poc.
> >
> > you are copying the value of textarea into the
> file
> > input yourself using this code.
document.getElementById("text1").value=document.getElementById("file1").value;
> > document.getElementById("text1").focus();
> >
> > so how is it a flaw?
> >
> >
> > --- carl hardwick <hardwick.carl () gmail com> wrote:
> >
> > > New flaw found in Firefox 2.0.0.4: Firefox file
> > > input focus vulnerabilities:
> > > [...]
> > > PoC here:
> http://yathong.googlepages.com/FirefoxFocusBug.html
> > > credits by - Hong



 
____________________________________________________________________________________
No need to miss a message. Get email on-the-go 
with Yahoo! Mail for Mobile. Get started.
http://mobile.yahoo.com/mail 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/