Closed Bug 230711 Opened 21 years ago Closed 21 years ago

Mozilla URL spoofing vulnerability

Categories

(SeaMonkey :: General, defect)

x86
Windows 2000
defect
Not set
critical

Tracking

(Not tracked)

VERIFIED DUPLICATE of bug 228176

People

(Reporter: fabiohfs, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007

The press is warning about an Internet Explorer URL vulnerability; however, I got the same vulnerability in Mozilla. The vulnerability is caused when including the "%01" and "%00" URL encoded representations after the username and right before the "@" character in a URL. See http://security.openwares.org for detailed information.

Reproducible: Always

Steps to Reproduce:
1. Create a simple HTML file.
2. Put <A HREF=" http://www.trusted_site.com%01%00@malicious_site.com/malicious.html">Trusted</A>
3. Put the mouse over this link and see the status line.

Actual Results:
The status line doesn't show the complete URL.

Expected Results:
The status line should show the complete URL.

See http://security.openwares.org for details of this vulnerability.
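
A link-auditing check for the pattern in the report above, as an added example that is not part of the original bug report or of Mozilla's code: it uses the standard WHATWG `URL` parser to separate the userinfo from the real host and flags control bytes placed before the "@". The names `auditLink` and `decodeLoose` and the result fields are hypothetical.

```javascript
// Added example: flag links whose userinfo part could hide the real host.
// Relies only on the WHATWG URL parser built into Node.js and browsers.

// Decode percent-escapes byte-wise, without throwing on malformed sequences.
function decodeLoose(s) {
  return s.replace(/%([0-9a-fA-F]{2})/g, (_, hex) =>
    String.fromCharCode(parseInt(hex, 16)));
}

function auditLink(href) {
  let url;
  try {
    url = new URL(href.trim());
  } catch {
    return { href, parseError: true, suspicious: true, reasons: ["unparseable URL"] };
  }
  const userinfo = url.password ? `${url.username}:${url.password}` : url.username;
  const decoded = decodeLoose(userinfo);
  const reasons = [];
  if (userinfo !== "") reasons.push("URL carries userinfo before '@'");
  // Control bytes such as %00 / %01 are what cut the displayed URL short.
  const controls = [...decoded].filter(
    c => c.charCodeAt(0) < 0x20 || c.charCodeAt(0) === 0x7f);
  if (controls.length > 0) reasons.push("control characters in userinfo");
  // Text a truncating UI would show: everything before the first control byte.
  const visible = decoded.replace(/[\x00-\x1f\x7f].*$/s, "");
  if (/^[\w-]+(\.[\w-]+)+$/.test(visible)) reasons.push("userinfo looks like a hostname");
  return {
    href,
    actualHost: url.hostname,        // where the request really goes
    apparentHost: visible || null,   // what the user may believe the host is
    controlBytes: controls.map(c => c.charCodeAt(0)),
    suspicious: reasons.length > 0,
    reasons,
  };
}

// Constructed sample inputs; the first is the link from the report above.
const samples = [
  "http://www.trusted_site.com%01%00@malicious_site.com/malicious.html",
  "http://www.example.com/index.html",
];
for (const s of samples) console.log(auditLink(s));
```
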
This is fixed in pre-1.6 builds: http://ftp.mozilla.org/pub/mozilla.org/mozilla/nightly/latest-1.6/

*** This bug has been marked as a duplicate of 228176 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
v
Status: RESOLVED → VERIFIED
Product: Browser → Seamonkey