223150 - This page makes Firebird opens Internet Explorer (vbscript: protocol)

Status: RESOLVED FIXED

(Firefox :: General, defect)

Description

[Eric Harding]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031021 Firebird/0.7+
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20031021 Firebird/0.7+

I'm using windows XP Service pack 1 and am logged in as an administrator.  The
XP themes service is turned on.  Firebird is set to be my default browser and is
using the default theme.  I am also able to reproduce this bug on a friend's
computer with windows 2000.  The error does not occur in mozilla 1.5 or in a
linux build of firebird.  When I navigate to the given url or refresh the window
an Internet Explorer window opens with a document containing some fragments of
vbscript code.

Reproducible: Always

Steps to Reproduce:
1. Browse to URL

Actual Results:  
An internet explorer window opens with the following content: <HTML><SCRIPT
LANGUAGE=vbscript>var __w=[code];if(__w!=null)document.write(__w);</SCRIPT></HTML> 



Since this bug opens internet explorer which is less likely to be kept up to
date by a firebird user it might be possible to use this to open an internet
explorer window and exploit unpatched vulnerabilities there.

Comment 1

[Jesse Ruderman]

This was fixed for Seamonkey in bug 163648.  Maybe the prefs just need to be
copied over.

Comment 2

[Daniel Veditz [:dveditz]]

Clearing confidential flag since bug 163648 is public and Firefox is an obvious
next thing to test. This is fixed by bsmedberg's pref-unification changes that
made the 'birds pick up the default GRE prefs.

Comment 3

[Daniel Veditz [:dveditz]]

*** Bug 243383 has been marked as a duplicate of this bug. ***