295161 - When entering link or clicking a link at that site and other like it, trojan horse is installed on computer using exploit in all version and in Internet Explorer

Status: RESOLVED INVALID

(Firefox :: Security, defect)

Description

[moon_baby1]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4

In page http://www.crackz.ws/n4.htm (might have to click a link) for example but
there are many other pages just like it a trojan horse is some how installed on
to the system using and exploit found in all firefox browser and the current
versions of Internet Explorer. a work around would be unchecking the preference
"enable javascript" only. i thought it was fixed in the version 1.0.4 but i
guess not. this is a real issue especially if its a new trojan not yet detected
by scanners. if this is fixed it might be the most safe browser out yet.

Reproducible: Always

Steps to Reproduce:
1. go to site http://www.crackz.ws/n4.htm 
2. if norton hasn't detected trojan click refresh or one of the links
3. if done right you get norton popup alert for trojan everytime and from normal
sites as well were a popup ad will come up and have a trojan in it.

Actual Results:  
norton antivirus detects a trojan installed on the computer and try to start.

Expected Results:  
nothing it should not have installed anything of the sort.

i've seen this exploit before some how alter the profiles or themes of firefox
for what ever reason. its one of the biggest flaws in firefox and IE and if i
ever come across something new then my scanner will not be able to help.

Comment 1

[:Gavin Sharp [email: gavin@gavinsharp.com]]

No trojans are being downloaded. The antivirus program is simply seeing the
virus signatures in the browser cache, and reacting appropriately. There is no
harm in having the code in the cache, it's not executable that way. Clear your
cache to delete the information.