phishing: target of "nested link" depends on mouse button used when clicking

RESOLVED FIXED

Status

()

Core
DOM: Core & HTML
RESOLVED FIXED
11 years ago
6 years ago

People

(Reporter: tsattler, Unassigned)

Tracking

1.8 Branch
x86
Linux
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [sg:low spoof], URL)

(Reporter)

Description

11 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b2) Gecko/20050702

leftclick opens one URL, middleclick another after js was used to change

<a href="http://www.heise.de">
  <img src="http://www.heise.de/icons/ho/heise.gif">
</a>

to

<a href="http://www.heise.de">
  <a href="http://www.google.de">
    <img src="http://www.heise.de/icons/ho/heise.gif">
  </a>
</a>


Reproducible: Always

Steps to Reproduce:
click on the image with left/middle mousebutton
Actual Results:  
different sites are opened

Expected Results:  
both should act the same

happens with vanilla nightly build
could possibly used for phishing

Comment 1

11 years ago
i'd rather this bug be public so that it would get some attn and maybe be fixed.
Assignee: general → general
Component: General → DOM: HTML
Product: Mozilla Application Suite → Core
QA Contact: general → ian
Version: unspecified → 1.8 Branch
Group: security
Status: UNCONFIRMED → NEW
Ever confirmed: true
Whiteboard: [sg:low spoof]

Updated

9 years ago
Component: DOM: HTML → DOM: Core & HTML
QA Contact: ian → general

Comment 2

6 years ago
Fixed in bug 331959, I believe. Both methods go to the inner link now.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Summary: phishing: link-target depends on mouse butten used when clicking on a js-modified image → phishing: target of "nested link" depends on mouse button used when clicking
You need to log in before you can comment on or make changes to this bug.