There is a vulnerability the way Mozilla handles script-generated events that could allow a remote, unauthenticated attacker to access data contained on the victim's clipboard.
By convincing a victim to view a malicious web page, a remote, unauthenticated attacker could perform read/write operations to the victim's clipboard. Since users may copy/paste usernames, passwords, or potentially other sensitive information to the clipboard, the attacker could gain access to this information.
This vulnerability was reported by Wladimir Palant.
This document was written by Damon Morda.
|Date First Published:||2004-09-17|
|Date Last Updated:||2004-09-17 20:14 UTC|