Closed
Bug 288628
Opened 19 years ago
Closed 19 years ago
javascript ads blocking should be improved
Categories
(SeaMonkey :: Security, enhancement)
SeaMonkey
Security
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: chtrusch, Assigned: dveditz)
References
()
Details
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b2) Gecko/20050305 Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b2) Gecko/20050305 Go to the specified website, no matter how you fiddle with blocking settings/browser.link.open_newwindow etc, you get a popup or a rederection in the same window/tab to an advertizing site. Also go to any geocities website ads have a look at what overlay ads can do; there is no way to prevent this except turning off javascript, with reduces the functionality of the browser Reproducible: Always I couldn't check for duplicates because the search engine isnÄt working right now.
http://299093.guestbook.onetwomax.de/ triggered an intruder detection alert in Norton Internet Security here, warning of a hight risk intrusion attack (HTTP_MSIE_DHTML_Edit_Ctrl_Attack) from 80.190.203.68. The firewall closed down the connections from that site for 30 minutes. No popup other than Norton Firewalls
describes the exployt - seems it's a phishing/spoofing attempt via a cross-domain vulnerability described at http://www.securiteam.com/windowsntfocus/5QP012KEVE.html Over to security component for evaluation
Assignee: general → dveditz
Component: General → Security
QA Contact: general → seamonkey
For me popups are blocked with Mozilla (incl. the plugin pref). But I see only normal window.open calls.
Version: unspecified → Trunk
Assignee | ||
Comment 4•19 years ago
|
||
WFM, the ad server must've changed, and there's not enough detail here to fix anything. Please search for duplicate bugs before filing, we've got a lot on improving the popup blocker.
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•