Closed
Bug 12310
Opened 25 years ago
Closed 25 years ago
Injection of text in documents in the "file:" protocol
Categories
(Core :: Security, defect, P3)
Tracking
()
VERIFIED
FIXED
M13
People
(Reporter: joro, Assigned: norrisboyd)
References
()
Details
(Whiteboard: help wanted: someone from Necko?)
There is a security vulnerability in Mozilla M8 (later versions are also affected) which allows incjecting text in documents in the "file:" protocol. The problem are links like "file://c:/INJECTED TEXT/.." I cannot make a working security exploit - the problem is I cannot inject "<" and ">". But that issue may turn dangerous and I think this is worth fixing. Demonstration is available at: http://www.nat.bg/~joro/mozilla/injectchar.html
I found a way to inject javascript code in documents in "file:" protocol. Demonstration is available at the original URL.
Assignee | ||
Updated•25 years ago
|
Target Milestone: M11
Assignee | ||
Updated•25 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Updated•25 years ago
|
Whiteboard: help wanted: someone from Necko?
Assignee | ||
Comment 2•25 years ago
|
||
This exploit doesn't work for me now. I get 0[10029c0]: Assertion: "unexpected canonical path" (mPath[1] == ':') at file d:\ seamonkey\mozilla\xpcom\io\nsFileSpec.cpp, line 656 Perhaps the parsing code has become stricter?
Assignee | ||
Updated•25 years ago
|
Target Milestone: M11 → M13
Assignee | ||
Comment 3•25 years ago
|
||
Move security bugs from M11 to M13; needed for beta but not for dogfood.
Assignee | ||
Updated•25 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 4•25 years ago
|
||
>>Norris, This does not work for me anymore, even with some modifications. I
>>consider it fixed. Regards, Georgi
Bulk moving all Browser Security bugs to new Security: General component. The previous Security component for Browser will be deleted.
Component: Security → Security: General
Comment hidden (collapsed) |
You need to log in
before you can comment on or make changes to this bug.
Description
•