Closed
Bug 266943
Opened 20 years ago
Closed 20 years ago
Status bar link spoof vulnerability
Categories
(Firefox :: General, defect)
RESOLVED
DUPLICATE
of bug 266932
People
(Reporter: nelson_menezes, Assigned: bugzilla)
Details
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7) Gecko/20040803 Firefox/0.9.3
Build Identifier: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7) Gecko/20040803 Firefox/0.9.3

As reported on Slashdot (http://it.slashdot.org/article.pl?sid=04/10/30/1555251&tid=113) by several contributors, FF is also vulnerable (to a smaller extent) to a spoofing of a link's address that affects pre-SP2 IE and Opera. On the status bar, a link's address given by malformed HTML of this kind...

<a href="http://www.microsoft.com/"><table><tbody><tr><td><a href="http://www.google.com/">http://www.microsoft.com</a></td></tr></tbody></table></a>

...will not match the actual destination address upon "opening in a new tab" (left-clicking or opening in a new window works as expected, though). Although the status bar reports the "correct" address, the new tab will open the spoof address.

A /. contributor has put an example page up that exemplifies the problem; there were several reports of it affecting the PR: http://home.cfl.rr.com/jdrabb/testspoof.html

Of course, the problem is with the malformed HTML, but this could be part of a spoofing attempt, so FF should be able to handle this...

Reproducible: Always

Steps to Reproduce:
1. Open http://home.cfl.rr.com/jdrabb/testspoof.html
2. Hover cursor on 1st link, note status bar address
3. Middle-click on link - taken to spoof address

Actual Results: As above

Expected Results: It should have opened the same URL as when left-clicking or opening in a new window
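A defensive check for the markup pattern in this report, added here as an example (it is not part of the original bug or of Mozilla's code): it scans HTML with Python's standard tokenizer and reports any <a> opened inside another still-open <a>, flagging whether the two targets, or the visible link text, name a different host. The names find_nested_anchors, NestedAnchorFinder and SAMPLE are chosen for this example, and the sample input is constructed from the snippet quoted above.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: the markup quoted in the report, preceded by a normal link.
SAMPLE = (
    '<p><a href="http://example.org/">ok</a></p>'
    '<a href="http://www.microsoft.com/"><table><tbody><tr><td>'
    '<a href="http://www.google.com/">http://www.microsoft.com</a>'
    '</td></tr></tbody></table></a>'
)

def _host(value):
    """Lower-cased host of a URL-looking string, or '' if it has none."""
    try:
        return (urlsplit(value.strip()).hostname or "").lower()
    except ValueError:  # e.g. malformed bracketed IPv6 literal
        return ""

class NestedAnchorFinder(HTMLParser):
    """Tracks open <a> tags as written; html.parser does not repair nesting."""
    def __init__(self):
        super().__init__()
        self.stack = []     # anchors opened and not yet closed
        self.nested = []    # anchors that were opened inside another anchor

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        rec = {"href": dict(attrs).get("href") or "", "text": "", "outer": None}
        if self.stack:
            rec["outer"] = self.stack[-1]["href"]
            self.nested.append(rec)
        self.stack.append(rec)

    def handle_endtag(self, tag):
        if tag == "a" and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        if self.stack:      # text belongs to the innermost open anchor
            self.stack[-1]["text"] += data

def find_nested_anchors(html):
    """Return one finding per <a> nested in another <a>, with mismatch flags."""
    finder = NestedAnchorFinder()
    finder.feed(html)
    finder.close()
    return [{"outer": r["outer"], "inner": r["href"], "text": r["text"].strip(),
             "targets_differ": _host(r["outer"]) != _host(r["href"]),
             "text_names_other_host": _host(r["text"]) not in ("", _host(r["href"]))}
            for r in finder.nested]
```

Unclosed <a> tags in sloppy markup will also be reported as nested, so the two mismatch flags are the useful signal for triage.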
Comment 1•20 years ago
*** This bug has been marked as a duplicate of 266932 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE