Closed Bug 112562 Opened 23 years ago Closed 23 years ago

Security hole with attached files?

Categories

(MailNews Core :: Security, defect)

Product:
MailNews Core
Component:
Security
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 55690

People

(Reporter: mgunnar, Assigned: security-bugs)

Details

This is possibly a version of bug#109249.

I received an email virus this morning, and though my virus shield did its job 
and protected me, Mozilla's behaviour worried me. When I opened the email, I 
got a dialog asking me where to save the (attached?) exe-file. Milliseconds 
later, my virus shield told me that the file had already been downloaded to a 
temp directory. 

1) Why does Mozilla try to download the file when I just open (read) the 
message? (I have an IMAP account.)

2) Why does Mozilla download the file to a temp directory before I have 
confirmed that I want to download it?

3) Old Netscape 4.78 does not do this.

(I use Mozilla 0.96; can't find that info on this page.)
2) Dupe of 112567 (now is 112567 setted as NEW/blocker)?
Duplicate of "Saving a file creates a file before location is chosen; spool file
should be moved once the user picks a filename"

*** This bug has been marked as a duplicate of 55690 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Verified dupe.
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.