Vulnerabilities > CVE-2007-5158 - Unspecified vulnerability in Microsoft Internet Explorer 6.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Microsoft Internet Explorer 5.0.1 File Upload Vulnerability. CVE-2007-5158. Remote exploit for windows platform |
| id | EDB-ID:30622 |
| last seen | 2016-02-03 |
| modified | 2007-09-27 |
| published | 2007-09-27 |
| reporter | Ronald van den Heetkamp |
| source | https://www.exploit-db.com/download/30622/ |
| title | Microsoft Internet Explorer 5.0.1 File Upload Vulnerability |