Closed Bug 122790 Opened 23 years ago Closed 22 years ago

Auto-driving email trojan

Categories

(MailNews Core :: Security, defect, P2)

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 109249

People

(Reporter: BenB, Assigned: BenB)

Details

Attachments

(2 files)

Andrew Simmons <andrew@zpok.demon.co.uk> reported that he got a mail which, when
viewed in Mozilla, triggers a Save As dialog.

The risk is that a user might just click OK and later start the file (might be
an .exe) from the disk out of curiosity.
-> me for investigation.
Assignee: mstoltz → ben.bucksch
Andrew, the testcase you forwarded to us doesn't work for me. I only get a mess
of ? characters and a main.doc.exe attachment, but no Save As dialog, neither
in 0.9.4.1 nor in the trunk.
Can you maybe attach the testcase to this bug, with mimetype "message/rfc822"?
Maybe something went wrong during forwarding...
Isn't this a dup of bug 109249?
I guess so, too, but mstoltz didn't allow me to publish anything about this bug
despite the other bug.
I've added the following attachments: 

1. A screenshot of how the thing appears to me when I open it (minus the dialog
box, that is) - as you say, a mass of question marks. Notice the strange
artifact at the very bottom of the window, just above the 'm' in the status
bar: a 1x1 image, perhaps? My (uninformed) guess is that there's some on_load
scripting, which is hidden by the charset-encoding ('gb2312') and/or the base64
encoding?
 
2. The content of 'View source', including SMTP headers: as suggested, I set
the MIME type to "message/rfc822" (isn't this rfc 2822 now? ;)

I've tried forwarding the thing to myself, and the 'auto-prompt' functionality
doesn't work in that case either.

Let me know if there's anything else I can add...
OK I just had a look at the mail data attachment in MIME message/rfc822: the
content body looks quite a lot different from how the original mail appears to me
(see the screenshot) - however it's prompting me to save in exactly the same way.
Priority: -- → P2
This appears to be a dup of 109249, and that one's been fixed. The evil message
attached to this bug doesn't seem to cause a Save As dialog. However, we should
do some more testing to be sure. CCing bsharma, who may have some ideas for
additional tests. Please try viewing the attached message on various platforms,
both in the mail window and in the browser.

*** This bug has been marked as a duplicate of 109249 ***
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
QA Contact: junruh → bsharma
Group: security?
Product: MailNews → Core
Product: Core → MailNews Core