Closed Bug 245855 Opened 20 years ago Closed 15 years ago

Wrong URL is shown in status line when combination of A and MAP tags is used

Categories

(SeaMonkey :: MailNews: Message Display, defect, P1)

x86
Windows XP
defect

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: slabbi, Unassigned)

Details

Attachments

(1 file)

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a2) Gecko/20040529
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a2) Gecko/20040529

When the following code is used, MailNews displays
web.da-us.citibank.com/signin/scripts/Iogin2/user_setup.jsp
in the status line instead of
64.160.46.225/cit/index.htm

<html><p><font face="Arial"><A
HREF="https://web.da-us.citibank.com/signin/scripts/Iogin2/user_setup.jsp"><map
name="FPMap0"><area coords="0, 0, 610, 275" shape="rect"
href="http://%36%34%2E%31%36%30%2E%34%36%2E%32%32%35:%34%39%30%33/%63%69%74/%69%6E%64%65%78%2E%68%74%6D"></map><img
SRC="cid:part1.01040300.02020805@user-billing17@citibank.com" border="0"
usemap="#FPMap0"></A></a></font></p><p><font color="#FFFFF2">in 1920 XFL
Cheerleaders mamma Vietnam War that suits me. </font></p></html>

Well, I am not quite sure if this is really wanted. When I display the same code
in the Browser it displays "64.160.46.225/cit/index.htm".

I have enclosed the whole message. To test it rename it to "*.eml" or "*.html"
and drop it into the Browser window.


Reproducible: Always
Steps to Reproduce:
1. Rename the enclosed file to 1.eml and drag'n'drop the file into the browser
window, web.da-us.citibank.com/signin/scripts/Iogin2/user_setup.jsp is displayed
2. Rename the enclosed file to 1.htm and drag'n'drop the file into the browser
window, 64.160.46.225/cit/index.htm is displayed



Expected Results:  
Both test cases should display either the URL taken from the A tag or from the
MAP tag.
Attached file Testcase
This is becoming a VERY popular phishing technique.  I'd almost call it a
security problem.
Product: Browser → Seamonkey
scott, can you take this bug from me?
Assignee: sspitzer → mail
I just ran into this bug/phishing scam too...

Oddly enough, the misleading URL is displayed *only* in Thunderbird (1.0.6
tested). I did a little experimenting, and I can't recreate the problem with FF
1.0.6 or Deer Park Alpha 2. I dunno if there's something different in how
Thunderbird displays link URLs, or if this flaw depends on some oddity in the
email (MIME chunks, cid: URL, etc). Firefox shows the expected URL in the status
bar (the phishing address from the MAP AREA), while Thunderbird shows the
misleading/unused A HREF target.

Flags: blocking1.7.11?
Priority: -- → P1
Flags: blocking1.7.11? → blocking1.7.11-
WFM with Thunderbird trunk and Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b5pre) Gecko/20090516 SeaMonkey/2.0b1pre
Assignee: mail → nobody
Status: NEW → RESOLVED
Closed: 15 years ago
QA Contact: message-display
Resolution: --- → WORKSFORME
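
An added example, not part of the bug report or of Mozilla's code: a mail-filter style check for the markup pattern reported above, where an A element wraps an image whose MAP/AREA link goes to a different host. The names host_of, MapLinkAudit and mismatched_map_links are hypothetical, and the sample message is constructed with reserved example hosts.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

def host_of(url):
    """Split first, then percent-decode the host (the testcase encodes every host byte)."""
    return unquote(urlsplit(url).hostname or "").lower()

class MapLinkAudit(HTMLParser):
    """Record <a href> targets that wrap <img usemap>, and each map's <area href>."""
    def __init__(self):
        super().__init__()
        self.anchors = []      # stack of currently open <a href> values
        self.cur_map = None    # name of the <map> being parsed, if any
        self.areas = {}        # map name -> list of area hrefs
        self.images = []       # (enclosing anchor href, usemap name)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.anchors.append(a["href"])
        elif tag == "map":
            self.cur_map = (a.get("name") or "").lower()
            self.areas.setdefault(self.cur_map, [])
        elif tag == "area" and self.cur_map is not None and a.get("href"):
            self.areas[self.cur_map].append(a["href"])
        elif tag == "img" and a.get("usemap") and self.anchors:
            self.images.append((self.anchors[-1], a["usemap"].lstrip("#").lower()))

    def handle_endtag(self, tag):
        if tag == "a" and self.anchors:
            self.anchors.pop()
        elif tag == "map":
            self.cur_map = None

def mismatched_map_links(html):
    """Return (anchor host, area host) pairs where the image map leads elsewhere."""
    p = MapLinkAudit()
    p.feed(html)
    p.close()
    return [(host_of(anchor), host_of(area))
            for anchor, name in p.images
            for area in p.areas.get(name, [])
            if host_of(area) != host_of(anchor)]

# Constructed sample: same structure as the testcase, reserved example hosts.
SAMPLE = ('<a href="https://bank.example/signin"><map name="FPMap0">'
          '<area shape="rect" coords="0,0,610,275" '
          'href="http://%31%39%32%2E%30%2E%32%2E%31%30:%34%39%30%33/%69%6E%64%65%78"></map>'
          '<img src="cid:logo" usemap="#FPMap0"></a>')
```

A non-empty result means the status-line URL and the click target can disagree in a client that shows the A HREF, so the message is worth flagging.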