Bugtraq mailing list archives

Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers)

From: "pdp (architect)" <pdp.gnucitizen () googlemail com>
Date: Tue, 13 Feb 2007 00:03:16 +0000

explanation of how the attack works here:

http://www.gnucitizen.org/blog/browser-focus-rip

On 2/12/07, Michal Zalewski <lcamtuf () dione ids pl> wrote:

On Mon, 12 Feb 2007, [ISO-8859-1] Claus Färber wrote:

> A proper solution would be to keep a list of files explicitly selected
> by the user and only allow uploads of files in this list. Then even if a
> script can manipulate the field, the browser won't upload files that
> have not been selected by the user.

Not necessarily that easy: notice that it is the user who enters the name
of a target file.

Unless you want to prevent the browser from accepting any files that were
not chosen using a visual file selector widget - but in such a case,
there's not much point in having a manual file path entry box in the first
place.

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org

Current thread:

Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Ben Bucksch (Feb 12)
  - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
  - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Paul Szabo (Feb 12)
    - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
    - Re: Firefox focus stealing vulnerability (possibly other browsers) Claus Färber (Feb 12)
    - Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
    - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 13)
    - Re: Firefox focus stealing vulnerability (possibly other browsers) Andreas Beck (Feb 13)
    - Re: Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 13)
- Firefox/MSIE focus stealing vulnerability - clarification Michal Zalewski (Feb 12)
- Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
  - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
    - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
    - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
    - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)
    - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) Michal Zalewski (Feb 12)
    - Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) pdp (architect) (Feb 12)

(Thread continues...)