Camino Trunk is vulnerable to frame spoofing



Camino Graveyard
14 years ago
13 years ago


(Reporter: Usul, Assigned: Josh Aas)



Mac OS X
Bug Flags:
camino0.9 +


(Whiteboard: [sg:fix], URL)



14 years ago
Camino nightlies are vulnerable to this frame spoof. Camino Branch 0.8 is not.

seems related to

adding jst in cc because he fixed the above bug.
Widely published bug (see URL), no need for the confidential flag.
Group: security
Whiteboard: [sg:fix]

Comment 2

14 years ago
so josh get's this bug on his radar
Is this still a bug and, if so, shouldn't it be fixed for 0.9?
Flags: camino0.9?
can we get a testcase on this bug?
Flags: camino0.9? → camino0.9+

Comment 5

13 years ago
(In reply to comment #4)
> can we get a testcase on this bug?

I can't reproduce. Maybe it has been fixed. I need to check with a version from
placing on the 0.9 list, let's nail this and verify it as fixed.
Target Milestone: --- → Camino0.9

Comment 7

13 years ago
I cannot reproduce this with a trunk build from 2005050514.

Comment 8

13 years ago
NM - that comment is wrong. We are still vulnerable.
Depends on: 296850

Comment 9

13 years ago
I still can't reproduce, following the steps in the Secunia advisory.

Comment 10

13 years ago
I have the same experience as comment 9

Opening the MSDN link in step 1 in a new window spawns that window. Clicking the
Secunia link in step 2 opens it in another new window. Using the 6/15 nightly.

Could it be a combination of preferences that cause this behavior?
I can't reproduce this either. It's spawning two new windows as stated in
comment 10.

Josh: Are you sure we're still vulnerable?

Comment 12

13 years ago
jst/bz: do either of you know if the frame spoofing vulnerability is fixed for
embedding apps?
I believe it should be, yes....  Certainly if we're talking about bug 296850,
that patch works for embedding just like it does for non-embedding builds.

Comment 14

13 years ago
-> josh for resolution.
Assignee: pinkerton → joshmoz

Comment 15

13 years ago
josh: please justify comment #8 :)

Comment 16

13 years ago
I can't repro any more, but I'm quite sure I could at the time... Closing.
Last Resolved: 13 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.