Closed
Bug 1432072
Opened 6 years ago
Closed 6 years ago
Denial of service via basic auth FF 58.0 (Windows 10)
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 377496
People
(Reporter: ericharding, Unassigned)
Details
(Keywords: dupeme)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Build ID: 20180115093319 Steps to reproduce: (Don't click these) I was directed to a maliciouis site from some search results and ended up having to kill Firefox from an external process. Initial url: i214.fastandbrave.com/?rbatn=flow redirected to: http://x0z04i90004.info/en/?id=KzEgKDg4OCkgNzkxLTA5NTQ Actual results: A red flashing page with a phone number appeared and an alarm sounded. In the foreground multiple requests for authentication popped up and came back if dismissed. There was no option to prevent further notification. I could not silence the page or close the tab. If I tried to interact with other tabs focus was pulled back to the authentication dialog after a few seconds. I was able to get the browser to respond again by disabling my network device (to stop the repeated popups) I tried to ctrl-s the page to get a repro and I did get the file picker dialog to choose a location but nothing was saved. After attempting to save FF went completely unresponsive and I had to kill it. Expected results: I should have been able to close the tab. Ideally - I should have been able to control the repeated popups. Possibly related to : https://bugzilla.mozilla.org/show_bug.cgi?id=1312243 but that says fixed in 52.
Updated•6 years ago
|
Status: UNCONFIRMED → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•