hcmtnbiker writes with news of a logic flaw shared by IE 7 and Firefox 2.0
. IE 5.01, IE 6, and Firefox 220.127.116.11 are also affected. The flaw was discovered by Michal Zalewski, and is easily demonstrated on IE7
. The vulnerability is not platform-specific, but these demonstrations are — they work only on Windows systems. (Microsoft says that IE7 on Vista is not vulnerable.) From the vulnerability description: "In all modern browsers, form fields (used to upload user-specified files to a remote server) enjoy some added protection meant to prevent scripts from arbitrarily choosing local files to be sent, and automatically submitting the form without user knowledge. For example, '.value' parameter cannot be set or changed, and any changes to .type reset the contents of the field... [in this attack] the keyboard input in unrelated locations can be selectively geared toward input fields by the attacker."