Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5158


Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5158
Last Modified 15 Nov 2008 01:59:54
Published 01 Oct 2007 01:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



The focus handling for the onkeydown event in Microsoft Internet Explorer 6.0 allows remote attackers to change field focus and copy keystrokes via a certain use of a JavaScript htmlFor attribute, as demonstrated by changing focus from a textarea to a file upload field, a related issue to CVE-2007-3511.

Vulnerable Systems


  • Microsoft Ie 6.0


XF - ie-onkeydown-information-disclosure(36848)

BID - 25836


SECUNIA - 27007

OSVDB - 41382

Last Updated: 27 May 2016 10:46:06