Closed Bug 479790 Opened 15 years ago Closed 13 years ago

Firefox vulnerable to XP Antivirus 2009 & Variants

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
3.0 Branch
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: tskr2, Unassigned)

References

(
URL
)

Details

(Whiteboard: [CLOSEME 2011-2-15]) 

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6

OS: XP Pro SP3.  Anti virus: McAfee Enterprise 8.5.0i (scan engine 5300.2777, Dat Version 5533.0000 02-22-09)  When accessing the URL listed above using Firefox 3.0.6. a Script execution attempts to install a variant of XP Anti virus 2008.  Script execution is blocked by McAfee when the URL listed above is accessed using Microsoft Internet Explorer 7.

Reproducible: Always

Steps to Reproduce:
1.  Google search "Candace Smith Survivor)
2.  Click on link for http://www.freewebs.com/uyynews/candace-smith-survivor.html
3.  Pop up displays misleading information about virus infection prompting user for action which causes Mal ware to be installed.
Actual Results:  
Mal ware will be installed on target PC.  See the following for further details: 
http://en.wikipedia.org/wiki/MS_Antivirus

Expected Results:  
I would expect the security software to protect the browsing experience regardless of which browser I use. 

This is the first time I have experienced IE 7 providing better security / integration than Firefox.  I prefer Firefox and use it exclusively with exceptions only where required.  XP Anti Virus 2009 and it variants have caused others at my company considerable down time and I am surprised that Firefox is vulnerable.  If this is a McAfee problem then I apologize for this post.
The URL in comment#3 doesn't cause any popups.

You mean that Firefox is vulnerable, does that mean that the malware installs on that page without that the user gets a prompt from Firefox ?
Version: unspecified → 3.0 Branch
Reporter, are you still seeing this issue with Firefox 3.6.13 or later in safe mode or a fresh profile? If not, please close. These links can help you in your testing.
http://support.mozilla.com/kb/Safe+Mode
http://support.mozilla.com/kb/Managing+profiles
Whiteboard: [CLOSEME 2011-2-15]
No reply from reporter, INCOMPLETE. Please retest with Firefox 4 or later and a new profile (http://support.mozilla.com/kb/Managing+profiles). If you continue to see this issue with the newest firefox and a new profile, then please comment on this bug.
Status: UNCONFIRMED → RESOLVED
Closed: 13 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.