425192 - Email field in forms show data never entered by user that coincides with received spam

Status: RESOLVED INCOMPLETE

(Toolkit :: Form Manager, defect)

Description

[Sherry Baker]

User-Agent:       Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13
Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13

When filling in a form using Firefox, the form usually gives several previously typed suggestions for that field. I've noticed in the email field there are several email addresses that I have never used. Most of these email addresses; however, do coincide with spam I have recently received, and according to my auto-responder set up with one of my accounts, also SENT. 

Thunderbird shows no indications of the emails being sent from Thunderbird that my auto-responder seems to be replying to. I'm worried that spammers have figured out a way to use the Firefox browser to send their spam from our own machines.

Reproducible: Always

Steps to Reproduce:
1. find a form with an "email address" field
2. type in one letter a-z and watch what comes up.

Actual Results:  
Under most letters typed in are several email addresses in the drop down menu that don't belong to me and were never typed by me...the solo user of my computer.

Expected Results:  
I expect to see only information I have previously typed into that field.

I'm using the latest upgrade to FireFox and Thunderbird and Leopard OSX. This is repeatable on two other machines with different information, both Macs using Tiger.

Comment 1

[Hasham]

Ok, I used litmus.mozilla.org and facebook.com to check the e-mail fields and it only gave me the e-mail address I had inputted previously. I don't seem to get the issue you brought up. I'm using FF3 for this. Did this problem ever reoccur for you?

Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9) Gecko/2008061004 Firefox/3.0

Marking as WORKSFORME.

Comment 2

[Sherry Baker]

Not resolved.

It's still doing it. I just recently upgraded to FF3 and it happened just this morning!

Did you click on the email field to see if it gave you more than your last input option? That's where it occurs for me. I expect to see one or two options (myself and my husband's email) and I STILL get a list of email addresses that I have never input before... some of which look suspiciously like spam addresses. I have screen captures if you want to see them (just don't know where to upload them)

Pages I have been to where it is most noticeable:
www.papajohns.com

Comment 3

[Sherry Baker]

Attachment: note the drop down menu on email. Only one is an address belonging to me.

Just a screenshot to illustrate what is going on and to show it's still an issue in FireFox 3

Comment 4

[Hasham]

Hmm, that is really weird. I see that you autoresponded to these spam messages? Did you use Firefox to access you e-mails (go to gmail) or do you use rely solely on a dedicated application (you mentioned Thunderbird). 

If you use Firefox to access e-mail, it might have detected that you sent messages to these addresses and that's why they appear in the e-mail fields. Does this seem like your situation so far?

Comment 5

[Justin Dolske [:Dolske]]

There's no connection between email and the Firefox profile, so I don't see how this would happen. Form data is only keyed on the field name (not the site), so it's most likely they you're seeing values were entered on other forms, or some extension is injecting values.

Comment 6

[Hasham]

Thanks for clearing this up Justin. Sherry, what you could do to pinpoint this is to open up Firefox in safe-mode (which disables all add-ons) and see if this problem reoccurs. If it doesn't, then it is an extension issue.

Comment 7

[Sherry Baker]

I never use Firefox to access mail. The only program that I use for mail is Thunderbird. I have never (to my knowledge) sent to, responded to, or otherwise typed these email addresses into FireFox at any time. I have an auto responder on the server level, set to send a receipt to each person that sends one of my accounts, but this receipt, as I said, is sent through the offsite email host, not my computer, FireFox nor Thunderbird.

My main concern when I first saw this happening, was that the email addresses that show up, look to be bounced back spam messages. The type of messages you get from servers when someone uses your email to send a slew of spam and you get responses back from their victims' servers as if you had actually sent the original mail.

I was hoping that someone hadn't found a way to exploit an unknown security hole in FireFox to send their spam messages from my browser... with the only indication they had done so, was the email field "remembering" the address they had used.

Is this possible? I can't think of where else FireFox could be getting these addresses. If there is anything else you need to know, I'll help in any way I can.

Comment 8

[Sherry Baker]

Attachment: Still doing it in Safe Mode

This screenshot taken in safe mode. There are unknown addresses under almost every letter I typed in.

Comment 9

[Sherry Baker]

I took your advice and ran in safe mode. Apparently it is not an extension issue as it still is doing it. See new screen shot.

This is also reproducible on my other 2 macs here at work, and it's even happening at home, an Intel iMac 20" and a G4, both (now) running FireFox 3. It occurred in the previous version as well. I'd be interested if it is happening on PC's. The one's at my office are all running IE (company policy) so I can't test it.

Comment 10

[Justin Dolske [:Dolske]]

Not much we can do here without a specific reproducible testcase. This might have been fixed by bug 463486, if some site you're using had input fields filled with random email addresses by default.