Closed Bug 1081026 Opened 10 years ago Closed 10 years ago

Firefox is supporting to old versions of plug-ins

Categories

(Core Graveyard :: Plug-ins, defect)

Product:
Core Graveyard
Component:
Plug-ins
Version:
35 Branch
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: devand27, Unassigned)

Details

Attachments

(1 file)

Untitled 2.png
120.50 KB, image/png
Details
Attached image Untitled 2.png 
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36

Steps to reproduce:


1. Firefox blocks old versions of plug-in, when it finds in the computer.
2. But It still allows to run the old version plug-in by using the User Interface which is a security vulnerability.


Actual results:


Firefox is allowing to run the old versions of plug-ins by using the User Interface which is a security vulnerability. Since the Impact of plug-in security vulnerability is very high, Firefox should not support old versions of plug-ins permanently. 

Thanks
Chandra Mohan


Expected results:

Firefox should not support old versions of plug-ins permanently.
Hi

Firefox should run the plug-ins only if it is up-to-date. This would be the complete fix for the vulnerabilities in plug-ins.

Thanks
Component: Untriaged → Plug-ins
Product: Firefox → Core
Marking the plugin as click-to-play is the tradeoff we put in place to try and nag users into upgrading while recognizing that in some cases it may not be possible. We do not plan on changing this behavior.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → WONTFIX
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: