Lucene search
HistoryOct 01, 2007 - 5:17 a.m.
CVE-2007-5158
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.069
Percentile
94.1%
The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.
Affected configurations
Node
microsoftinternet_explorerMatch6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | internet_explorer | 6.0 | cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2007-10-01 05:17:00
Design/Logic Flaw
2007-07-03 10:30:00
cvelist
cvelist
CVE-2007-5158
2007-10-01 00:00:00
CVE-2007-3511
2007-07-03 10:00:00
cve
cve
CVE-2007-5158
2007-10-01 05:17:00
CVE-2007-3511
2007-07-03 10:30:00
exploitdb
exploitdb
Microsoft Internet Explorer 5.0.1 - Arbitrary File Upload
2007-09-27 00:00:00
veracode
veracode
Focus Prevention Bypass
2020-04-10 00:20:20
nvd
nvd
CVE-2007-3511
2007-07-03 10:30:00
ubuntucve
ubuntucve
CVE-2007-3511
2007-07-03 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2007-32
2007-10-23 00:00:00
Mozilla Firefox /Thunderbird / Seamonkey multiple security vulnerabilities
2007-10-23 00:00:00
mozilla
mozilla
File input focus stealing vulnerability — Mozilla
2007-10-18 00:00:00
freebsd
freebsd
firefox -- OnUnload Javascript browser entrapment vulnerability
2007-10-19 00:00:00
nessus
nessus
FreeBSD : firefox -- OnUnload Javascript browser entrapment vulnerability (e24797af-803d-11dc-b787-003048705d5a)
2007-10-25 00:00:00
Fedora 8 : seamonkey-1.1.5-2.fc8 (2007-2795)
2007-11-07 00:00:00
Debian DSA-1396-1 : iceweasel - several vulnerabilities
2007-10-30 00:00:00
debian
debian
[SECURITY] [DSA 1396-1] New iceweasel packages fix several vulnerabilities
2007-10-27 11:54:56
[SECURITY] [DSA 1392-1] New xulrunner packages fix several vulnerabilities
2007-10-20 11:56:10
[SECURITY] [DSA 1401-1] New iceape packages fix several vulnerabilities
2007-11-05 23:44:32
oraclelinux
oraclelinux
Critical: seamonkey security update
2007-10-20 00:00:00
Critical: firefox security update
2007-10-20 00:00:00
Moderate: thunderbird security update
2007-10-20 00:00:00
openvas
openvas
Debian Security Advisory DSA 1401-1 (iceape)
2008-01-17 00:00:00
Fedora Update for thunderbird FEDORA-2007-3414
2009-02-27 00:00:00
Debian Security Advisory DSA 1396-1 (icedove)
2008-01-17 00:00:00
centos
centos
thunderbird security update
2007-10-20 18:06:21
firefox security update
2007-10-20 18:08:04
seamonkey security update
2007-10-19 22:39:36
fedora
fedora
[SECURITY] Fedora 8 Update: thunderbird-2.0.0.9-1.fc8
2007-11-16 00:39:02
[SECURITY] Fedora 7 Update: thunderbird-2.0.0.9-1.fc7
2007-11-16 00:41:37
[SECURITY] Fedora 7 Update: seamonkey-1.1.5-1.fc7
2007-10-24 07:02:38
ubuntu
ubuntu
Thunderbird vulnerabilities
2007-10-23 00:00:00
Firefox vulnerabilities
2007-10-22 00:00:00
osv
osv
xulrunner - several vulnerabilities
2007-10-20 00:00:00
iceape - several vulnerabilities
2007-11-05 00:00:00
iceweasel
2007-10-27 00:00:00
redhat
redhat
(RHSA-2007:0981) Moderate: thunderbird security update
2007-10-19 00:00:00
(RHSA-2007:0979) Critical: firefox security update
2007-10-19 00:00:00
(RHSA-2007:0980) Critical: seamonkey security update
2007-10-19 00:00:00
suse
suse
remote code execution in MozillaFirefox,mozilla,seamonkey
2007-10-25 18:13:14
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.069
Percentile
94.1%
Related for NVD:CVE-2007-5158