Closed
Bug 317744
Opened 19 years ago
Closed 19 years ago
What appears to be a buffer overflow in location bar. Could potentially be used for phishing scams.
Categories
(Firefox :: Address Bar, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 317746
People
(Reporter: dk323, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7 If you type in a large number of characters where the URL should be, the characters in the url disappear or become garbled (unreadably so). The exact number of characters necessary to cause this glitch varies depending on which computer I try it on, but it is always a power of 2, which is what leads me to believe that it is a buffer overflow and not a disply problem. Sites could store pages under extremely long URLs to obscure the URL and make it unverifiable, allowing them to steal passwords and bank account numbers from unwary users. Reproducible: Always Steps to Reproduce: 1. Copy a large string (>1000 characters) onto the clipboard. 2. Paste the string into the address bar repeatedly until the error occurs. Actual Results: The URL disappears or becomes garbled. Expected Results: Properly displayed the URL or displayed an error message and not attempted to load the page. Tested on three different computers.
Comment 1•19 years ago
|
||
*** This bug has been marked as a duplicate of 317746 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Updated•18 years ago
|
Group: security
You need to log in
before you can comment on or make changes to this bug.
Description
•