Mozilla Foundation Security Advisory 2006-23

File stealing by changing input type

Announced: April 13, 2006
Reporter: Claus Jörgensen
Impact: High
Products: Firefox, Mozilla Suite, SeaMonkey
Fixed in:
  • Firefox 1.0.8
  • Firefox 1.5.0.2
  • Mozilla Suite 1.7.13
  • SeaMonkey 1.0.1

Description

Claus Jörgensen reports that a text input box can be pre-filled with a filename and then turned into a file-upload control with its contents intact, allowing a malicious website to steal any local file whose name it can guess.

Jesse Ruderman reports a variation, changing the type of the input control in an event handler to work around some of the initial checks.
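
The invariant behind both reports, as an added example that is not Mozilla's code: a simplified model of a form control in which the value is reset inside the type transition itself, so the check holds no matter where the type change is triggered from. The class, its method names and the sample path are assumptions constructed for illustration.

```javascript
// Simplified model of a form control (constructed for illustration; not Gecko code).
// Each value carries its provenance: "script" (page-supplied) or "user" (file picker).
class InputControl {
  constructor({ hardened }) {
    this.hardened = hardened;
    this.type = "text";
    this.value = "";
    this.origin = null;
    this.handlers = {};
  }
  // Page script may set the value of non-file controls only.
  setValueFromScript(v) {
    if (this.type === "file") return false;
    this.value = v;
    this.origin = "script";
    return true;
  }
  // Only the browser's file picker reaches this, after the user picks a file.
  chooseFileAsUser(path) {
    if (this.type !== "file") return false;
    this.value = path;
    this.origin = "user";
    return true;
  }
  // The flawed model keeps the value across a type change; the hardened
  // model resets it on any transition into or out of "file".
  setType(newType) {
    const crossesFile = (this.type === "file") !== (newType === "file");
    this.type = newType;
    if (this.hardened && crossesFile) {
      this.value = "";
      this.origin = null;
    }
  }
  on(event, fn) { this.handlers[event] = fn; }
  dispatch(event) { if (this.handlers[event]) this.handlers[event](this); }
  // Path that form submission would read from disk, or null.
  fileToUpload() {
    return this.type === "file" && this.value !== "" ? this.value : null;
  }
}

// Returns a script-supplied path that would be uploaded without any user choice, or null.
function scriptControlledUpload(hardened, viaEventHandler) {
  const c = new InputControl({ hardened });
  c.setValueFromScript("/constructed/example.txt"); // constructed sample path
  if (viaEventHandler) { c.on("focus", (el) => el.setType("file")); c.dispatch("focus"); }
  else c.setType("file");
  return c.origin === "script" ? c.fileToUpload() : null;
}
```

Placing the reset in `setType` rather than at individual call sites is what covers the event-handler variation in this model.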

Workaround

Upgrade to a fixed version.
