Closed
Bug 274171
Opened 20 years ago
Closed 20 years ago
Improve statusbar/save to dialog to avoid virus infection by malicious email
Categories
(SeaMonkey :: MailNews: Message Display, enhancement)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 254913
People
(Reporter: slabbi, Assigned: sspitzer)
Details
Attachments
(1 file)
57.17 KB,
image/jpeg
|
Details |
There are several viruses which could be recognized by an user when the status bar or the save to dialog would be improved: Check the following message: ------------------------------------------------------------- This is a multi-part message in MIME format. ------=_NextPart_000_001B_01C0CA80.6B015D10 Content-Type: multipart/alternative; boundary="----=_NextPart_001_001C_01C0CA80.6B015D10" ------=_NextPart_001_001C_01C0CA80.6B015D10 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable ------=_NextPart_001_001C_01C0CA80.6B015D10 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META content=3D"text/html; charset=3Diso-8859-1" = http-equiv=3DContent-Type> <META content=3D"MSHTML 5.00.2920.0" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff>If the message will not displayed automatically,<br> follow the link to read the delivered message.<br><br> Received message is available at:<br> <a href=3Dcid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re height=3D0 width=3D0>www.mydomain.de/inbox/silke/read.php?sessionid-18898</a> <iframe src=3Dcid:031401Mfdab4$3f3dL780$73387018@57W81fa70Re height=3D0 width=3D0></iframe> <DIV> </DIV></BODY></HTML> ------=_NextPart_001_001C_01C0CA80.6B015D10-- ------=_NextPart_000_001B_01C0CA80.6B015D10 Content-Type: audio/x-wav; name="message.scr" Content-Transfer-Encoding: base64 Content-ID:<031401Mfdab4$3f3dL780$73387018@57W81fa70Re> TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAYAAAAA4fug4AtAnNIbgBTM0hV2luZG93cyBQcm9ncmFtDQokUEUAAEwBAwAAAAAA AAAAAAAAAADgAA8BCwEAAAAEAAAAcgAAAAAAAAAgAQAAEAAAACAAAAAAQAAAEAAAAAIAAAQA ------------------------------------------------------------- It displays link as shown in the attached picture. Normally the user will only see the first part of the very long link "mailbox:..." which look quite harmless. Maybe it would be a good idea to cut down the link, so it does not display the complete local path and/or there should be a special warning in the "save to" dialog that the user tries to access an embedded object via the hyperlink (which is quite unusual for normal email).
Reporter | ||
Comment 1•20 years ago
|
||
See this bug and the duped ones. *** This bug has been marked as a duplicate of 254913 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
v. same code would flag the disguised link.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•