Mozilla Browser Input Type HTML Tag Unauthorized Access

medium Log Correlation Engine Plugin ID 801229

Synopsis

The remote host may be tricked into running an executable file.

Description

The remote host is using a vulnerable version of Mozilla, an open-source web browser. It is reported that Mozilla versions prior 1.7.1 present an issue in the INPUT tag. An attacker may craft a malicious web page that may secretly upload files readable by the victim on a remote computer.

Solution

Upgrade or patch according to vendor recommendations.