The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763
https://issues.rpath.com/browse/RPL-1858
https://exchange.xforce.ibmcloud.com/vulnerabilities/35299
http://www.vupen.com/english/advisories/2008/0083
http://www.vupen.com/english/advisories/2007/3587
http://www.vupen.com/english/advisories/2007/3544
http://www.ubuntu.com/usn/usn-536-1
http://www.securityfocus.com/bid/24725
http://www.securityfocus.com/archive/1/482932/100/200/threaded
http://www.securityfocus.com/archive/1/482925/100/0/threaded
http://www.securityfocus.com/archive/1/482876/100/200/threaded
http://www.redhat.com/support/errata/RHSA-2007-0981.html
http://www.redhat.com/support/errata/RHSA-2007-0980.html
http://www.redhat.com/support/errata/RHSA-2007-0979.html
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
http://www.mozilla.org/security/announce/2007/mfsa2007-32.html
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://www.debian.org/security/2007/dsa-1401
http://www.debian.org/security/2007/dsa-1396
http://www.debian.org/security/2007/dsa-1392
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
http://sla.ckers.org/forum/read.php?3%2C13142
http://securitytracker.com/id?1018837
http://secunia.com/advisories/27680
http://secunia.com/advisories/27480
http://secunia.com/advisories/27425
http://secunia.com/advisories/27414
http://secunia.com/advisories/27403
http://secunia.com/advisories/27387
http://secunia.com/advisories/27383
http://secunia.com/advisories/27356
http://secunia.com/advisories/27336
http://secunia.com/advisories/27335
http://secunia.com/advisories/27327
http://secunia.com/advisories/27325
http://secunia.com/advisories/27298
http://secunia.com/advisories/27276
http://secunia.com/advisories/25904
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html