Vulnerability Details CVE-2007-5158
The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.195
EPSS Ranking 95.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/41382
- http://secunia.com/advisories/27007
- http://www.0x000000.com/index.php?i=437
- http://www.securityfocus.com/bid/25836
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36848
- http://osvdb.org/41382
- http://secunia.com/advisories/27007
- http://www.0x000000.com/index.php?i=437
- http://www.securityfocus.com/bid/25836
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36848
Products affected by CVE-2007-5158
-
cpe:2.3:a:microsoft:internet_explorer:6.0