Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2006-41

File stealing by changing input type (variant)

Announced
June 1, 2006
Reporter
Chuck McAuley
Impact
High
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 1.5.0.4
  • SeaMonkey 1.0.2

Description

Chuck McAuley provided Proof-of-Concept code that demonstrates that MFSA 2006-23 was not fixed for all cases. In Firefox 1.5.0.2 it is still possible to pre-fill a text input control with the path to a file at a known location and then change the type of the input control to a file upload control without having the value reset as intended.

Workaround

Disable JavaScript until you have upgraded to a fixed version.

References