Closed Bug 1268975 Opened 8 years ago Closed 8 years ago

Port Bug 1255570 to SeaMonkey - HTTP(S) URL spoof in location bar

Categories

(SeaMonkey :: Location Bar, defect)

Product:
SeaMonkey
Component:
Location Bar
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(firefox49 affected, seamonkey2.46+ affected)

Status:
RESOLVED FIXED
Milestone:
seamonkey2.46
Tracking Flags:
Tracking Status
firefox49 --- affected
seamonkey2.46 + affected

People

(Reporter: philip.chee, Assigned: philip.chee)

References

Details

(Whiteboard: tracking-seamonkey2.45+ status-seamonkey2.45+)

Attachments

(1 file)

Patch for SeaMonkey V1
16.11 KB, patch
iannbugzilla
: review+
iannbugzilla
: approval-comm-aurora+
iannbugzilla
: approval-comm-beta+
iannbugzilla
: approval-comm-release+
Details | Diff | Splinter Review 
(from Bug 1255570 comment #0)
> Created attachment 8729168 [details]
> testcase.html
> 
> User Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like
> Gecko) Chrome/49.0.2623.87 Safari/537.36
> 
> Steps to reproduce:
> 
> Combination of data URI, Unicode characters and frames. 
> Spoof is not perfect but good enough to easily fool your mom and dad. 
> At least it worked with mine :)
> 
> Follow link in testcase file for a simple demo.
> 
> 
> 
> Actual results:
> 
> Browser navigates to arbitrary website but URL bar shows
> https://secure.paypal.com/   
> 
> 
> Expected results:
> 
> At the very least misleading Unicode characters should be detected/escaped
> and/or a big warning should be displayed.
> 
> Note: I'm submitting a similar report to Chromium.

        Attachment #8747270 -
        Flags: review?(iann_bugzilla)

    
  
See Also:  → CVE-2016-5251

    
  

          status-seamonkey2.46:
          --- → affected

          tracking-seamonkey2.46:
          --- → +

    
    

    
  
Comment on attachment 8747270 [details] [diff] [review]
Patch for SeaMonkey V1

[Triage Comment]
r=me a=me for whichever branches need it.

        Attachment #8747270 -
        Flags: review?(iann_bugzilla)

        Attachment #8747270 -
        Flags: review+

        Attachment #8747270 -
        Flags: approval-comm-release+

        Attachment #8747270 -
        Flags: approval-comm-beta+

        Attachment #8747270 -
        Flags: approval-comm-aurora+

    
    

    
  
http://hg.mozilla.org/comm-central/rev/89f9c42ded4b
http://hg.mozilla.org/releases/comm-aurora/rev/9d626f302fb6
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Whiteboard: tracking-seamonkey2.45+ status-seamonkey2.45+
Target Milestone: --- → seamonkey2.46
Group: core-security-release

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: