Closed
Bug 1821906
Opened 1 year ago
Closed 1 year ago
Geolocation permission hide notification fullscreen
Categories
(Fenix :: General, defect)
Fenix
General
Tracking
(firefox111 wontfix, firefox112 fixed, firefox113 fixed)
RESOLVED
FIXED
113 Branch
People
(Reporter: sas.kunz, Assigned: petru)
References
Details
(Whiteboard: [reporter-external] [client-bounty-form] [verif?])
Attachments
(6 files, 1 obsolete file)
I found a vulnerability in firefox nightly (i tested on Samsung M31 ) where a geolocation permission alert notification can cover fullscreen notifications which can lead to spoofs.
step to reproduces:
- https://pipabajabakrie.com/upload/geofullscreen.html
- click on button "Try it"
Flags: sec-bounty?
new POC:
- open https://pipabajabakrie.com/upload/geofullscreen2.html
- click on button "Open GOOGLE"
Updated•1 year ago
|
Group: firefox-core-security → mobile-core-security
Component: Security → General
Product: Firefox → Fenix
Attachment #9322600 -
Attachment is obsolete: true
Assignee | ||
Comment 6•1 year ago
|
||
Thank you!
Important to note that this only affects the scenarios in which the toolbar is placed at the bottom (default).
Would be fixed with the same approach as on bug 1816059.
Status: UNCONFIRMED → NEW
status-firefox111:
--- → affected
status-firefox112:
--- → affected
status-firefox113:
--- → affected
Depends on: CVE-2023-29534
Ever confirmed: true
Assignee | ||
Comment 7•1 year ago
|
||
@Hafiizh Can you confirm that the current Nightly avoids this issue?
Flags: needinfo?(sas.kunz)
Assignee | ||
Comment 10•1 year ago
|
||
Thank you for the confirmation!
Assignee: nobody → petru.lingurar
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Updated•1 year ago
|
Target Milestone: --- → 113 Branch
Updated•1 year ago
|
Group: mobile-core-security → core-security-release
Comment 11•1 year ago
|
||
As we expected, this did turn out to be fixed by the redesigned mechanism in bug 1816059 making this essentially a dupe for purposes of the bug bounty.
Flags: sec-bounty? → sec-bounty-
Comment 12•1 year ago
|
||
Updated•6 months ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•