Closed Bug 340442 Opened 18 years ago Closed 16 years ago

Crash if I opended the site (Virus that attacks the browser: Kaspersky: Exploit.HTML.DialogArg)

Categories

(Plugins Graveyard :: Kaspersky AV, defect)

x86
Windows XP
defect
Not set
critical

Tracking

(Not tracked)

RESOLVED INCOMPLETE

People

(Reporter: diepat89, Unassigned)

References

()

Details

(Keywords: crash)

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4

If i opended the site, the browser crashs, a virus-alert appears, and some mail-windows appears

Reproducible: Always

Steps to Reproduce:
1. Simply open the Website
2.
3.

Actual Results:  
If i opended the site, the browser crashs, a virus-alert appears, and some mail-windows appears

Expected Results:  
only showing the site
The Kaspersky detection is irrelevant, that's just a detection of an IE-only exploit attempt found on the page as its being processed (although it does tell you right off the bat that you're dealing with malicious folks -- and there's no way to know whether there's an -un-detected Firefox exploit).

The crash is probably due to the DOS-attack, an infinite number of attempts to launch your mailreader until your machine runs out of resources and dies (as in bug 181860)

Anyone find anything else there?
Group: security
Depends on: 181860
Attached file getclip.html
I did crash in bone cho when running their code that attempts to steal the clipboard contents but not in trunk and it wasn't 100% reproducible. I didn't load the content (some swf etc) that might be nasty but AVG didn't see anything in them.
Keywords: crash
Version: unspecified → 1.5.0.x Branch
reporter, Do you still see this problem. If you do not, please close the bug with resolution WORKSFORME, INVALID, etc as may be appropriate to your situation (but not FIXED unless you know the bug with the patch). 

If you still see problem using a current version of Firefox or trunk build, please provide additional detail.
Whiteboard: closeme 2008-12-10
@Reporter, we have not heard back from you in a while, so I am closing this bug as INCOMPLETE. You can reopen this bug if more information becomes available. Some helpful information you can provide us is found at http://quality.mozilla.org/bug-writing-guidelines.
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → INCOMPLETE
Whiteboard: closeme 2008-12-10
We're now tracking such bugs. This doesn't mean it's something we can fix, merely something we hope to be able to point vendors to so they can investigate. This is an automated message.
Component: Security → Kaspersky AV
Product: Firefox → Plugins
QA Contact: firefox → kaspersky-antivirus
Version: 1.5.0.x Branch → unspecified
Product: Plugins → Plugins Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: