{"vuid":"VU#460528","idnumber":"460528","name":"Mozilla fails to properly handle script-generated events","keywords":["Mozilla","JavaScript","text fields","copy and paste","information disclosure","clipboard"],"overview":"There is a vulnerability in the way Mozilla handles script-generated events that could allow a remote, unauthenticated attacker to access data contained on the victim's clipboard.","clean_desc":"Mozilla is an open-source web browser, email/newsgroup client, IRC client, and HTML editor available for a number of platforms including Microsoft Windows, Linux, and other UNIX platforms. When a web page is loaded by the browser, it will accept certain JavaScript events to control behavior on the page. These script-generated events can be applied to text fields. There is a vulnerability in the way Mozilla handles copy/paste keyboard shortcut sequences sent to text fields using JavaScript. While Mozilla restricts the use of copy (Ctrl+C) and paste (Ctrl+V) keyboard shortcut sequences, it fails to restrict other variations such as Ctrl+Ins (copy) and Shift+Ins (paste). Exploitation of this vulnerability could allow a remote, unauthenticated attacker to access the victim's clipboard.","impact":"By convincing a victim to view a malicious web page, a remote, unauthenticated attacker could perform read/write operations to the victim's clipboard. Since users may copy/paste usernames, passwords, or potentially other sensitive information to the clipboard, the attacker could gain access to this information.","resolution":"Upgrade\nUpgrade as specified by your vendor. 
This issue has been resolved in Mozilla 1.7.3, Firefox Preview Release, and Thunderbird 0.8.","workarounds":"Disable JavaScript\nDisable JavaScript in your browser's preferences.","sysaffected":"","thanks":"This vulnerability was reported by Wladimir Palant.","author":"This document was written by Damon Morda.","public":["http://bugzilla.mozilla.org/show_bug.cgi?id=257523","http://secunia.com/advisories/12526/","http://www.securitytracker.com/alerts/2004/Sep/1011317.html","http://www.securitytracker.com/alerts/2004/Sep/1011318.html"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-09-16T13:23:27Z","publicdate":"2004-08-31T00:00:00Z","datefirstpublished":"2004-09-17T18:09:03Z","dateupdated":"2004-09-17T20:14:23Z","revision":19,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"15","cam_population":"15","cam_impact":"5","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"16.875","cam_scorecurrentwidelyknown":"19.6875","cam_scorecurrentwidelyknownexploited":"30.9375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":16.875,"vulnote":null}