Closed
Bug 722526
Opened 12 years ago
Closed 12 years ago
Malicious "Adobe Flash 11.3 Update" add-on
Categories
(Toolkit :: Blocklist Policy Requests, defect)
RESOLVED
FIXED
People
(Reporter: mhammell, Assigned: jorgev)
Attachments
(1 file) 7.63 KB, application/octet-stream
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_2) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.77 Safari/535.7

Steps to reproduce:
Downloaded the "Adobe Flash 11.3 Update" add-on from http://oibruvv.com/flash@adobe.com.xpi

Actual results:
After install, it injects main.js from the addon, which injects http://oibruvv.com/ffunctions.js
ffunctions.js injects a script tag to load http://oibruvv.com/track.php
Track.php injects script tags to load
http://oibruvv.com/likepage.php
http://oibruvv.com/wallpost.php
The likepage.php steals your FB cookies and sends likes. It was configured to like this one 340392035980023
Wallpost.php is configurable, based on the GET params you pass to it. It will build a custom JS file with your spam message and URL.

Expected results:
It shouldn't steal cookies from the browser and send likes to Facebook without the user's knowledge.
Comment 1•12 years ago (Assignee)
Id: flash@adobe.com
Assignee: nobody → jorge
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Comment 2•12 years ago (Assignee)
The id is safe to block, as far as I can see. https://addons.mozilla.org/en-US/firefox/blocked/i56
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 3•12 years ago
This add-on changes its ID to avoid the blocklisting: flashupdate@adobe.com See http://www.geckozone.org/forum/viewtopic.php?f=5&t=103030&p=678608#p678589
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Comment 4•12 years ago (Assignee)
Please file a new bug when it has a different ID. It's easier for us to track. https://addons.mozilla.org/en-US/firefox/blocked/i68
Status: REOPENED → RESOLVED
Closed: 12 years ago → 12 years ago
Resolution: --- → FIXED
Updated•8 years ago
Product: addons.mozilla.org → Toolkit
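
The ID change reported in comment 3 shows the limit of an exact-ID block. The sketch below is an added example, not part of this bug or of Mozilla's blocklist code: it audits an add-on inventory with the exact-ID list as it stood after comment 2, plus a namespace rule that also flags the renamed ID. The inventory field names, the `ID_PATTERN` rule, `TRUSTED_HOSTS` and the last two sample URLs are assumptions.

```python
import re
from urllib.parse import urlparse

# Exact-ID blocklist as it stood after comment 2 of this bug.
BLOCKED_IDS = {"flash@adobe.com"}
# Assumption: a broader rule for IDs that claim the adobe.com namespace
# with a Flash-themed local part, which covers the renamed ID in comment 3.
ID_PATTERN = re.compile(r"^[^@]*flash[^@]*@adobe\.com$")
# Assumption: install sources this defender accepts without review.
TRUSTED_HOSTS = {"addons.mozilla.org"}


def classify(addon):
    """Return 'blocked', 'suspect' or 'ok' for one inventory record."""
    addon_id = addon["id"].strip().lower()
    if addon_id in BLOCKED_IDS:
        return "blocked"
    # A missing or unparsable source URL yields an empty, untrusted host.
    host = (urlparse(addon.get("source_url", "")).hostname or "").lower()
    if ID_PATTERN.match(addon_id) and host not in TRUSTED_HOSTS:
        return "suspect"
    return "ok"


def audit(inventory):
    """Map each add-on ID to its verdict."""
    return {a["id"]: classify(a) for a in inventory}


# Constructed inventory; field names and the last two URLs are hypothetical.
SAMPLE = [
    {"id": "flash@adobe.com",
     "source_url": "http://oibruvv.com/flash@adobe.com.xpi"},
    {"id": "flashupdate@adobe.com",
     "source_url": "http://downloads.example.invalid/update.xpi"},
    {"id": "notes@example.org",
     "source_url": "https://addons.mozilla.org/firefox/downloads/notes.xpi"},
]

if __name__ == "__main__":
    for addon_id, verdict in audit(SAMPLE).items():
        print(f"{addon_id:25} {verdict}")
```

With only `BLOCKED_IDS`, the second record would pass as clean; the namespace rule is what surfaces it for review.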