Threat Monitor
Troj.Downloader.JS.Agent.dxm
| Aliases: | |
|---|---|
| Pattern: | 201008161330 |
| Threat Type | Propagation Methods | Systems Affected | Risk Level |
|---|---|---|---|
|
|
|
Mozilla Firefox is prone to a cross domain information disclosure vulnerability.
The vulnerability is caused by an error related to the use of focus() that could be used to change a user's cursor focus while they are typing, potentially directing their keyboard input to an unintended location. By persuading a victim to view a specially-crafted Web page, a remote attacker could send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame. Then the attacker could steal sensitive data from a user, such as usernames and passwords.
Affected: Mozilla Firefox 3.6.x
Mozilla Firefox 3.5.x
Mozilla SeaMonkey < 2.0.5
The vulnerability is caused by an error related to the use of focus() that could be used to change a user's cursor focus while they are typing, potentially directing their keyboard input to an unintended location. By persuading a victim to view a specially-crafted Web page, a remote attacker could send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame. Then the attacker could steal sensitive data from a user, such as usernames and passwords.
Affected: Mozilla Firefox 3.6.x
Mozilla Firefox 3.5.x
Mozilla SeaMonkey < 2.0.5
