Back to search
CVE-2002-2311
Published: Oct 26, 2007
Modified: Sep 16, 2024
PUBLISHED
Description
Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20020723 Pressing CTRL in IE is dangerous - Sandblad advisory #8
mailing-list
x_refsource_BUGTRAQ
ie-ctrl-file-upload(9653)
vdb-entry
x_refsource_XF
5290
vdb-entry
x_refsource_BID
20020724 RE: Pressing CTRL in IE is dangerous - Sandblad advisory #8
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now