HTTP: Multiple Browser File Upload Keystroke Hijack
This signature detects attempts to exploit a known vulnerability against Multiple Browser. A successful attack can lead to reading arbitrary files.
Extended Description
Multiple web browsers are prone to a JavaScript key-filtering vulnerability because the browsers fail to securely handle keystroke input from users. This issue is demonstrated to allow attackers to divert keystrokes from one input form in a webpage to a hidden file-upload dialog in the same page. This may allow remote attackers to initiate file uploads from unsuspecting users. Other attacks may also be possible. Exploiting this issue requires that users manually type the full path of files that attackers wish to download. This may require substantial typing from targeted users, so attackers will likely use keyboard-based games, blogs, or other similar pages to entice users to enter the required keyboard input to exploit this issue. Reportedly, Mozilla Suite, Mozilla Firefox, Mozilla SeaMonkey, Netscape Navigator, and Microsoft Internet Explorer are all vulnerable to this issue.
Affected Products
Mozilla browser
Short Name
HTTP:STC:FILE-UPLOAD
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Browser CVE-2006-2900 File Hijack Keystroke Multiple Upload bid:18308
Release Date
04/08/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Netscape
Suse
Sun
Rpath
Mozilla
Debian
Slackware
Ubuntu
Mandriva
Foresight_linux
Microsoft
CVSS Score
4.0