CVE-2008-0414 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-0414
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0414

Description: Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing."

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-576-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1 ST 1019330 SAID Secunia Advisory: SA28877 Secunia Advisory: SA28865 Secunia Advisory: SA28864 Secunia Advisory: SA28815 Secunia Advisory: SA28758 Secunia Advisory: SA28839 Secunia Advisory: SA28879 Secunia Advisory: SA28924 Secunia Advisory: SA28939 Secunia Advisory: SA28958 Secunia Advisory: SA29049 Secunia Advisory: SA29086 Secunia Advisory: SA29567 Secunia Advisory: SA30327 Secunia Advisory: SA30620 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:048 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1489 http://www.debian.org/security/2008/dsa-1506 http://www.debian.org/security/2008/dsa-1485 http://www.debian.org/security/2008/dsa-1484 CONFIRM http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html http://browser.netscape.com/releasenotes/ http://wiki.rpath.com/Advisories:rPSA-2008-0051 http://www.mozilla.org/security/announce/2008/mfsa2008-02.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/488002/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/487826/100/0/threaded BID 27683

Return to the previous page.