Closed Bug 1633390 Opened 4 years ago Closed 4 years ago

Extension block request: Add-ons executing remote script

Categories

(Toolkit :: Blocklist Policy Requests, task)

task

Tracking

()

RESOLVED FIXED

People

(Reporter: TheOne, Assigned: TheOne)

References

Details

(Whiteboard: [extension])

Extension name Add-ons executing remote script
Extension versions affected <all versions>
Platforms affected <all platforms>
Block severity hard

Reason

I’ve reviewed the add-ons and confirmed they are executing remote code.

Extension GUIDs

abnmaapdjgmmnlodmpmjdebnklepecok@chrome-store-foxified-2396027552
abnmaapdjgmmnlodmpmjdebnklepecok@chrome-store-foxified-2768870236
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified-3862814240
abnmaapdjgmmnlodmpmjdebnklepecok@chrome-store-foxified-1995059603
ddbcnfgbjcicbjdblfafohkpodcnnehi@chrome-store-foxified-749309492
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified-1874441907
mekjacpfdgboianikjjonilmgfiekmic@chrome-store-foxified-1955510596
mpnamocnciebhgnpcnmoodclmocfcdig@chrome-store-foxified-1063516441
mpnamocnciebhgnpcnmoodclmocfcdig@chrome-store-foxified--20246131
mpnamocnciebhgnpcnmoodclmocfcdig@chrome-store-foxified-1884689962
kgcglkchocglabfcpdiepkifnfgffipe@chrome-store-foxified-1741550361
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified-1214727723
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified--1260504401
mpnamocnciebhgnpcnmoodclmocfcdig@chrome-store-foxified--1159015990
jellydsgliker@gmail.com
eoejpaafchckabdajohgeejbijdcgekh@chrome-store-foxified-140400165
coonecdghnepgiblpccbbihiahajndda@chrome-store-foxified--1373559051
mdaabhnjlpeemhcdbpopjfpjhbahgljl@chrome-store-foxified--411767831
pojgfhefohapcfnfbpmhkheejmfdkoap@chrome-store-foxified--1625696403
ghbdhifaekeljelljigndababkcmnkbc@chrome-store-foxified--381631510
eeocglpgjdpaefaedpblffpeebgmgddk@chrome-store-foxified-329350023
eeocglpgjdpaefaedpblffpeebgmgddk@chrome-store-foxified-1137326342
pojgfhefohapcfnfbpmhkheejmfdkoap@chrome-store-foxified-499858012
eeocglpgjdpaefaedpblffpeebgmgddk@chrome-store-foxified-541423900
inglpdjejkleleiikjkankoliodjihfd@chrome-store-foxified-1717509943
inglpdjejkleleiikjkankoliodjihfd@chrome-store-foxified--463564538
mdaabhnjlpeemhcdbpopjfpjhbahgljl@chrome-store-foxified-1665879186
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified--1720842629
lplaiehenloheihooakfjkigmkbmmhon@chrome-store-foxified-1634056625
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified--690580557
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified--1733601123
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified-626655243
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified--1696752497
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified--2146203701
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-1831123651
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified-1767565081
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-2083020687
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified-1426582348
nknfhhmhoflkcijaodalbncnmidocced@chrome-store-foxified--1290320498
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified--1121442903
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-951765545
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified--1520388245
mdaabhnjlpeemhcdbpopjfpjhbahgljl@chrome-store-foxified-2096851818
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-1268339820
mkbgdfopfbhcdnoccicgpcpgghhkgocf@chrome-store-foxified--120390217
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-1144806275
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified--1474463899
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified--2139994037
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified-610190214
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified--745418008
djijfbpaknhcpkmmdpjehlohnfjignne@chrome-store-foxified-1752420038
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-2147224839
{d15c2e66-7d4a-42d2-ad26-7145307a085a}
lplaiehenloheihooakfjkigmkbmmhon@chrome-store-foxified-208664670
lplaiehenloheihooakfjkigmkbmmhon@chrome-store-foxified--1439727444
{12ee1eeb-7788-444f-8430-4edd085ab7e6}
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified--1731227161
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified--1624543284
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-1394660953
mhhlegoabmmlmmafmepadpdnncknjdid@chrome-store-foxified-1394660953
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-1935240009
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified-400250101
lmnialfbncmdjnnlkieehpbbgaoiihdc@chrome-store-foxified--80073038
coonecdghnepgiblpccbbihiahajndda@chrome-store-foxified--168270995
{aecccccf-16fa-4fad-b8e3-add05aaa9111}
{bc5a705b-7b2d-4bb0-9cf9-360387b682eb}
{7ab16f1b-627c-4ac3-ba35-e3545a9090cc}
{fcca50f6-5318-4eb3-b737-73dd3b9e6045}
{f0990433-f30e-4943-8fb7-e1de2b913d48}
fjekneelhekaolbldhmokjfjlfdlbfcp@chrome-store-foxified--681203570
mhhlegoabmmlmmafmepadpdnncknjdid@chrome-store-foxified-1094969866
kbfppphbbfnnfbpbgilecdildnckbcam@chrome-store-foxified--1871365729
kbfppphbbfnnfbpbgilecdildnckbcam@chrome-store-foxified--1356642283
kbfppphbbfnnfbpbgilecdildnckbcam@chrome-store-foxified-1428700807
kbfppphbbfnnfbpbgilecdildnckbcam@chrome-store-foxified--2007683861
kbfppphbbfnnfbpbgilecdildnckbcam@chrome-store-foxified-2015138387
kbfppphbbfnnfbpbgilecdildnckbcam@chrome-store-foxified--1508372373
phbfhmldomeohhegllnephiclooafjdj@chrome-store-foxified--1178514589
bikpdjjalmcdjoglbgfhmdjclblhfjei@chrome-store-foxified--1178514589
debaadifgajofjmemiiphodjgamjaebh@chrome-store-foxified-219347684
fpocmbppcinhpeholdacbakebdkijfdp@chrome-store-foxified--493366227
pllaimjanehlenjlohniomaplpchdpea@chrome-store-foxified--606969408
fpocmbppcinhpeholdacbakebdkijfdp@chrome-store-foxified-2133428645
debaadifgajofjmemiiphodjgamjaebh@chrome-store-foxified--2071337123
@vkmediadownloader
{80d083fc-8d0c-43b9-bb21-9c1545797019}
@fud
@facebookcolor
{6f72fdeb-a77c-4626-94bd-80d2966d67f9}
{5b9ba2c6-e069-431c-b1a0-6013cb2668ae}
image-search-reverse@4.90
nokpebgkfckhkmiejkpokjgeaigopbmo@chrome-store-foxified-unsigned
generated-hgzdu0x7vzdjuxwf4p8twj@chrome-store-foxified-864201011
{ea43dc99-0607-481e-b82c-f32769aa691e}
{2981b4f4-25a6-429a-a3a8-18fd228f20bc}
lite-vpn4.1@gmail.com
{61a36b8b-6c7c-4dbc-ba7a-2b58d74eedd2}
{580d5662-cfca-4314-95ea-d0eee823a540}
{9643ee9d-e783-40ee-9dd5-fb7219e82ea9}
{a7376abe-343c-4205-99c8-8871ab87fa6f}
{c5283dde-419a-405a-a837-4ed56761c1c9}
{91b25e6e-b160-44f0-8342-ba36049fc336}

The block has been staged. Stuart, can you review and push?

Flags: needinfo?(scolville)

Done.

Group: blocklist-requests
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Flags: needinfo?(scolville)
Resolution: --- → FIXED

Ok, so I should change my passwords??
What does that remote code do? steal information? Control my browser? Or what???

I didn't understand why the add-on was removed- I was enjoying the add-on's function but suddenly gone.
There is not enough info what remote code execution means to normal users like us who doesn't have background on cyber security.
I'd appreciate it if you can reply to this thread and provide a suggestion how I can use the video download feature. Should I just download another similar add-on? How do I know if the new add-on doesn't have a malware or altering? I had a bad experience with another add-on that was doing similar which would randomly send and make a popup to a site and I wasn't able to remove it by cookie removal.
I'm not sure what this add-on was doing that caused you to concerned and remove (not to say it was not worth- I'm sure there is a good reason, but the explanation wasn't enough), but at least it didn't have that nasty web redirecting.
Hopefully you can recommend a good alternatives so I can download videos.
Thanks.

Flags: needinfo?(awagner)

When Mozilla becomes aware of add-ons, plugins, or other third-party software that seriously compromises Firefox security, stability, or performance and meets certain criteria, the software may be blocked from general use. For more information, please read this support article.

The internet holds many explanations of remote code execution, Wikipedia has a general article about it. Remote code execution is explicitly forbidden as per our policies.

Mozilla runs a Recommended Extensions program. Recommended extensions are curated extensions that meet the highest standards of security, functionality, and user experience. Firefox staff thoroughly evaluate each extension before it receives Recommended status. Video downloaders are part of the program, I am sure you will find a suitable replacement there.

Flags: needinfo?(awagner)
You need to log in before you can comment on or make changes to this bug.