665295 - Exploit circumvents popup blocker and takes over home page

Status: RESOLVED INCOMPLETE

(Firefox :: General, defect)

Description

[David States]

User-Agent:       Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
Build Identifier: Mozilla/5.0 (Windows NT 6.1; rv:2.0.1) Gecko/20100101 Firefox/4.0.1

Something on the page http://www.jacsoft.co.nz/Mac_Keys.htm is able to take over Firefox 4.01 and display spam pages on a Win 7 32bit machine.  When you try to quit it just keeps coming back with new windows.  If I kill the Firefox process in the task manager, and restart Firefox, it comes back to the same spam page.  I had to restart on a known good page and reset my home page in the options window to get rid of this.

Reproducible: Sometimes

Steps to Reproduce:
1.Go to the web page http://www.jacsoft.co.nz/Mac_Keys.htm
2.Wait
3.

Actual Results:  
Spam web pages displayed
Firefox refuses to quit
When you try to navigate away it gives a pop up say "Are you sure?" and refuses to exit

Expected Results:  
Wanted to view a different page

Only happens some times

Comment 1

[David States]

Here are the actual  URLs from my browser history.  Start with URL below always gives the behavior

http://popunder.cpvtgt.com/cpv.jsp?p=113903&ronMin=0.004&partnerMin=0.004&aid=304726&url=http%3A//www.jacsoft.co.nz/Tech_Notes/Mac_Keys.shtml&context=Apple%20Macintosh%20Boot%20Key%20Combos&default=http://www.hyperpromote.com

More URLs from browser history log

http://www.msicourse.com/campaigns/rgahd/index.php
http://www.msicourse.com/track.php?linkid=426478&subid=1070
http://426478.msicourse.com/?subid=1070
http://go.lnktrkr.net/aff_r?offer_id=2&aff_id=1070&redirect_pass=1&url=http%3A%2F%2F426478.msicourse.com%2F%3Fsubid%3D1070
http://go.lnktrkr.net/aff_r?offer_id=2&aff_id=1070&url=http%3A%2F%2F426478.msicourse.com%2F%3Fsubid%3D1070
http://rockstaralliance.go2cloud.org/aff_c?offer_id=2&aff_id=1070&aff_sub=ron_113903_adon37popnosound1exitpop
http://go.lnktrkr.net/aff_c?offer_id=2&aff_id=1070&aff_sub=ron_113903_adon37popnosound1exitpop
http://news13jobsreport.com/pulse/1/pulsemark37pop.php?subid=ron_113903_adon37popnosound1
http://st-rs-tl.com/o/13082260093254982?subid=ron_113903
http://popunder.cpvtgt.com/cresults.jsp?p=113903&ronMin=0.004&partnerMin=0.004&aid=304726&url=http%3A//www.jacsoft.co.nz/Tech_Notes/Mac_Keys.shtml&context=Apple%20Macintosh%20Boot%20Key%20Combos&default=http://www.hyperpromote.com/tags/showtlv1.html%3Fbvlocationcode%3D304726%26bvgeocode%3DUS&canUseMyIp
http://popunder.cpvtgt.com/cpv.jsp?p=113903&ronMin=0.004&partnerMin=0.004&aid=304726&url=http%3A//www.jacsoft.co.nz/Tech_Notes/Mac_Keys.shtml&context=Apple%20Macintosh%20Boot%20Key%20Combos&default=http://www.hyperpromote.com/tags/showtlv1.html%3Fbvlocationcode%3D304726%26bvgeocode%3DUS&canUseMyIp
http://url3.cptgt.com/cpv.jsp?p=113903&ronMin=0.004&partnerMin=0.004&aid=304726&url=http%3A//www.jacsoft.co.nz/Tech_Notes/Mac_Keys.shtml&context=Apple%20Macintosh%20Boot%20Key%20Combos&default=http://www.hyperpromote.com/tags/showtlv1.html%3Fbvlocationcode%3D304726%26bvgeocode%3DUS
http://www.hyperpromote.com/tags/showaon.html?bvgeocode=US&bvlocationcode=304726&bvurl=http%3A//www.jacsoft.co.nz/Tech_Notes/Mac_Keys.shtml&bvtitle=Apple%20Macintosh%20Boot%20Key%20Combos

Comment 2

[Simona Badau, Desktop QA]

Works for me on:
Mozilla/5.0 (Windows NT 6.1; rv:7.0a1) Gecko/20110619 Firefox/7.0a1

Does the issue still occur if you start Firefox in Safe Mode? http://support.mozilla.com/en-US/kb/Safe+Mode

How about with a new, empty profile? 
http://support.mozilla.com/en-US/kb/Basic+Troubleshooting#Make_a_new_profile

Comment 3

[Simona Badau, Desktop QA]

Reporter, is your issue still reproducible? Did you had the chance to try what was suggested in Comment 2?

Comment 4

[Tim (fmdeveloper)]

Closing bug as Incomplete - if you are still experiencing this issue or have more information to provide feel free to post back here and we can re-open the bug. You can also get assistance by visiting the Firefox help site -> https://support.mozilla.com/en-US/kb/ask