Vulnerability CVE-2007-3511 - CERT Civis.Net

Vulnerability Name:

CVE-2007-3511 (CCN-35299)

Assigned:

2007-06-30

Published:

2007-06-30

Updated:

2018-10-15

Summary:

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.

CVSS v3 Severity:

3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.4 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N)
2.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: CCN
Type: Full-Disclosure Mailing List, Sat Jun 30 2007 - 08:38:12 CDT
New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities

Source: FULLDISC
Type: UNKNOWN
20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities

Source: FULLDISC
Type: UNKNOWN
20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities

Source: MITRE
Type: CNA
CVE-2007-3511

Source: HP
Type: UNKNOWN
HPSBUX02153

Source: OSVDB
Type: UNKNOWN
37994

Source: CCN
Type: RHSA-2007-0979
Critical: firefox security update

Source: CCN
Type: RHSA-2007-0980
Critical: seamonkey security update

Source: CCN
Type: RHSA-2007-0981
Moderate: thunderbird security update

Source: CCN
Type: SA25904
Firefox "OnKeyDown" Event Focus Weakness

Source: SECUNIA
Type: Vendor Advisory
25904

Source: SECUNIA
Type: Vendor Advisory
27276

Source: SECUNIA
Type: Vendor Advisory
27298

Source: SECUNIA
Type: Vendor Advisory
27325

Source: SECUNIA
Type: Vendor Advisory
27327

Source: SECUNIA
Type: Vendor Advisory
27335

Source: SECUNIA
Type: Vendor Advisory
27336

Source: SECUNIA
Type: Vendor Advisory
27356

Source: SECUNIA
Type: Vendor Advisory
27383

Source: SECUNIA
Type: Vendor Advisory
27387

Source: SECUNIA
Type: Vendor Advisory
27403

Source: SECUNIA
Type: Vendor Advisory
27414

Source: SECUNIA
Type: Vendor Advisory
27425

Source: SECUNIA
Type: Vendor Advisory
27480

Source: SECUNIA
Type: Vendor Advisory
27680

Source: CCN
Type: SECTRACK ID: 1018837
Mozilla Firefox May Discloses Files or Information to Remote Users

Source: SECTRACK
Type: UNKNOWN
1018837

Source: MISC
Type: UNKNOWN
http://sla.ckers.org/forum/read.php?3,13142

Source: SUNALERT
Type: UNKNOWN
201516

Source: CCN
Type: ASA-2007-447
Firefox security update (RHSA-2007-0979)

Source: CCN
Type: ASA-2007-459
seamonkey security update (RHSA-2007-0980)

Source: CCN
Type: ASA-2007-461
thunderbird security update (RHSA-2007-0981)

Source: CCN
Type: ASA-2008-008
Multiple Security Vulnerabilities in Firefox and Thunderbird for Solaris 10 May Allow Execution of Arbitrary Code and Access to Unauthorized Data (Sun 103177)

Source: CONFIRM
Type: UNKNOWN
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html

Source: DEBIAN
Type: UNKNOWN
DSA-1392

Source: DEBIAN
Type: UNKNOWN
DSA-1396

Source: DEBIAN
Type: UNKNOWN
DSA-1401

Source: DEBIAN
Type: DSA-1392
xulrunner -- several vulnerabilities

Source: DEBIAN
Type: DSA-1396
iceweasel -- several vulnerabilities

Source: DEBIAN
Type: DSA-1401
iceape -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:202

Source: CCN
Type: Mozilla Firefox Web site
Firefox - Rediscover the Web

Source: CCN
Type: MFSA 2007-32
File input focus stealing vulnerability

Source: CONFIRM
Type: UNKNOWN
http://www.mozilla.org/security/announce/2007/mfsa2007-32.html

Source: SUSE
Type: UNKNOWN
SUSE-SA:2007:057

Source: CCN
Type: OSVDB ID: 37994
Mozilla Multiple Browsers onkeydown Event Window Focus Manipulation

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0979

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0980

Source: REDHAT
Type: UNKNOWN
RHSA-2007:0981

Source: BUGTRAQ
Type: UNKNOWN
20071026 rPSA-2007-0225-1 firefox

Source: BUGTRAQ
Type: UNKNOWN
20071029 FLEA-2007-0062-1 firefox

Source: BUGTRAQ
Type: UNKNOWN
20071029 rPSA-2007-0225-2 firefox thunderbird

Source: BID
Type: UNKNOWN
24725

Source: CCN
Type: BID-24725
Mozilla Firefox OnKeyDown Event File Upload Vulnerability

Source: CCN
Type: USN-535-1
Firefox vulnerabilities

Source: CCN
Type: USN-536-1
Thunderbird vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-536-1

Source: VUPEN
Type: Vendor Advisory
ADV-2007-3544

Source: VUPEN
Type: Vendor Advisory
ADV-2007-3587

Source: VUPEN
Type: Vendor Advisory
ADV-2008-0083

Source: MISC
Type: Exploit
http://yathong.googlepages.com/FirefoxFocusBug.html

Source: XF
Type: UNKNOWN
firefox-focus-security-bypass(35299)

Source: XF
Type: UNKNOWN
firefox-focus-security-bypass(35299)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1858

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9763

Source: UBUNTU
Type: UNKNOWN
USN-535-1

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-3431

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-2601

Source: FEDORA
Type: UNKNOWN
FEDORA-2007-2664

Source: SUSE
Type: SUSE-SA:2007:057
Mozilla Security Update

Vulnerable Configuration:

Configuration 1:

cpe:/a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 2.0.0.7)

OR cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0:*:alpha:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0:*:beta:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0:*:dev:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version <= 1.1.4)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1::beta:*:*:*:*:*

AND

cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/a:suse:suse_linux_school_server:-:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.0:*:oss:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*

OR cpe:/o:suse:suse_linux:10.1:*:personal:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*

OR cpe:/o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.5.z:*:es:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20073511	V	CVE-2007-3511	2015-11-16
oval:org.mitre.oval:def:17494	P	USN-536-1 -- mozilla-thunderbird, thunderbird vulnerabilities	2014-07-21
oval:org.mitre.oval:def:17091	P	USN-535-1 -- firefox vulnerabilities	2014-06-30
oval:org.mitre.oval:def:20376	P	DSA-1396-1 iceweasel	2014-06-23
oval:org.mitre.oval:def:18602	P	DSA-1401-1 iceape - several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:19745	P	DSA-1392-1 xulrunner - several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:21818	P	ELSA-2007:0979: firefox security update (Critical)	2014-05-26
oval:org.mitre.oval:def:22422	P	ELSA-2007:0981: thunderbird security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:9763	V	The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.	2013-04-29
oval:com.redhat.rhsa:def:20070979	P	RHSA-2007:0979: firefox security update (Critical)	2008-03-20
oval:com.redhat.rhsa:def:20070981	P	RHSA-2007:0981: thunderbird security update (Moderate)	2008-03-20
oval:org.debian:def:1401	V	several vulnerabilities	2007-11-05
oval:org.debian:def:1396	V	several vulnerabilities	2007-10-27
oval:org.debian:def:1392	V	several vulnerabilities	2007-10-20
oval:com.redhat.rhsa:def:20070980	P	RHSA-2007:0980: seamonkey security update (Critical)	2007-10-19