Closed
Bug 262180
Opened 20 years ago
Closed 20 years ago
Popup not blocked, possibly a Flash exploit, no other dialog boxes open.
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 253831
People
(Reporter: metaclops, Assigned: bugzilla)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20040913 Firefox/0.10 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20040913 Firefox/0.10 http://www.macromedia.com/go/DMJA_ABXE allows a popup, it's possibly a Flash exploit. No other firefox windows or dialog boxes were open, so this didn't seem to match any other bug reports. The new IE6 popup blocker successfully blocks this popup. This bug could be caused by anything, macromedia uses a labryinth of javascripts, meta refreshes, and flash to force users down certain paths. Reproducible: Always Steps to Reproduce: 1.Go to http://www.macromedia.com/go/DMJA_ABXE 2.Use this to log in if needed: username: joebillybob_x99@mailinator.com pass: pass99 3. Enjoy an annoying popup Actual Results: Pop up blocker failed. Expected Results: Blocked popup.
I've got no flash plugin installed. I have no popup on that page - so my guess its flash trick. -rOmAz
I've got no flash plugin installed. I have no popup on that page - so my guess its flash trick. -rOmAz
Comment 3•20 years ago
|
||
It redirects and opens a new page in the process. I doubt this is a flash popup If you revisit the page it get's redirected right away, based on the presence of the cookie and opens the new page in a new window too (popup). duplicate of bug 253831 ?
Think I figured out how they do it. 1. http://www.macromedia.com/go/DMJA_ABXE redirects to http://www.macromedia.com/cfusion/ondemand/index.cfm?id=281&type=2&sdid=DMJA_ABXE 2. ...which contains the following javascript: <script language="JavaScript"> function openShellWindow() { var ondemand = window.open('ondemand.cfm?id=281&type=2&promoid=0&trackingid=0&sdid=DMJA_ABXE','seminarWindow','width=832,height=696,screenX=0,screenY=0,left=0,top=0,location=0,menubar=0,scrollbars=0,resizable=0,toolbar=0,status=0'); if (navigator.userAgent.indexOf('Mac') != -1 && navigator.appName.indexOf('Microsoft') != -1) { ondemand.resizeTo(832,696); } ondemand.focus(); window.location = "/macromedia/events/online/ondemand/index.html"; } < /script> 3. ...and also embeds the following swf: http://www.macromedia.com/swf/ondemand/od_ver_checker.swf 4. Open just the swf in firefox and do a view source, you'll see the following function: javascript:openShellWindow() Forgot to mention that I disabled all extensions and the popup still appears. I'll mark this at a dupe of bug 253831. Thanks
*** This bug has been marked as a duplicate of 253831 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•