1. Home
  2. Vulnerabilities
  3. CVE-2007-3511

CVE-2007-3511

CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 3.88 % (92th)
3.88% Progress
Affected Products 2
Advisories 7
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.

Weaknesses
CWE-NVD-Other
Related CVEs
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2007-07-03 10:30:00
(17 years ago)
Updated Date
2023-11-07 02:00:51
(10 months ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 2.0.0.7 and prior versions cpe:2.3:a:mozilla:firefox <= 2.0.0.7
  Mozilla Firefox 1.5.0.12 cpe:2.3:a:mozilla:firefox:1.5.0.12
  Mozilla Firefox 2.0.0.4 cpe:2.3:a:mozilla:firefox:2.0.0.4
  Mozilla Firefox 2.0.0.5 cpe:2.3:a:mozilla:firefox:2.0.0.5
  Mozilla Firefox 2.0.0.6 cpe:2.3:a:mozilla:firefox:2.0.0.6
  Mozilla Seamonkey 1.1.4 and prior versions cpe:2.3:a:mozilla:seamonkey <= 1.1.4
  Mozilla Seamonkey 1.0 cpe:2.3:a:mozilla:seamonkey:1.0
  Mozilla Seamonkey 1.0 Alpha Edition cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha
  Mozilla Seamonkey 1.0 Beta Edition cpe:2.3:a:mozilla:seamonkey:1.0:*:beta
  Mozilla Seamonkey 1.0 Dev Edition cpe:2.3:a:mozilla:seamonkey:1.0:*:dev
  Mozilla Seamonkey 1.0 Alpha cpe:2.3:a:mozilla:seamonkey:1.0:alpha
  Mozilla Seamonkey 1.0 Beta cpe:2.3:a:mozilla:seamonkey:1.0:beta
  Mozilla Seamonkey 1.0.1 cpe:2.3:a:mozilla:seamonkey:1.0.1
  Mozilla Seamonkey 1.0.2 cpe:2.3:a:mozilla:seamonkey:1.0.2
  Mozilla Seamonkey 1.0.3 cpe:2.3:a:mozilla:seamonkey:1.0.3
  Mozilla Seamonkey 1.0.4 cpe:2.3:a:mozilla:seamonkey:1.0.4
  Mozilla Seamonkey 1.0.5 cpe:2.3:a:mozilla:seamonkey:1.0.5
  Mozilla Seamonkey 1.0.6 cpe:2.3:a:mozilla:seamonkey:1.0.6
  Mozilla Seamonkey 1.0.7 cpe:2.3:a:mozilla:seamonkey:1.0.7
  Mozilla Seamonkey 1.0.8 cpe:2.3:a:mozilla:seamonkey:1.0.8
  Mozilla Seamonkey 1.0.9 cpe:2.3:a:mozilla:seamonkey:1.0.9
  Mozilla Seamonkey 1.0.99 cpe:2.3:a:mozilla:seamonkey:1.0.99
  Mozilla Seamonkey 1.1 cpe:2.3:a:mozilla:seamonkey:1.1
  Mozilla Seamonkey 1.1.1 cpe:2.3:a:mozilla:seamonkey:1.1.1
  Mozilla Seamonkey 1.1.2 cpe:2.3:a:mozilla:seamonkey:1.1.2
  Mozilla Seamonkey 1.1.3 cpe:2.3:a:mozilla:seamonkey:1.1.3