If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Firefox hangs and does not respond and it leads to Windows hanging and not responding if you use the Javascript method "open".

RESOLVED WORKSFORME

Status

()

Firefox
Security
--
major
RESOLVED WORKSFORME
9 years ago
9 years ago

People

(Reporter: Oleksandr Heneralov, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

9 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4

If there is some web page entitled "crash.html" which has the following source code:
<html>
<head>
<title>MSIE browser entrapment vulnerability #3 demo</title>
</head>
<body >
<script>
open("crash.html","hello");
</script>

</body>
</html>
and if you run this web page it leads to a very serious problem - Windows halts and does not respond. Only restarting can help. It can be used by hackers.

Reproducible: Always

Steps to Reproduce:
1.create the web page with the code <html>
<head>
<title>MSIE browser entrapment vulnerability #3 demo</title>
</head>
<body >
<script>
open("crash.html","hello");
</script>

</body>
</html>
2. Run this page.
3. Wait several seconds.
Actual Results:  
Windows stops responding.

Expected Results:  
Normal functioning of Windows. Firefox should not hang.
I am not able to reproduce this on Windows XP using Firefox 3 and latest trunk.
In a recent Firefox 2 version however I can reproduce a kind of hang but this needs an explicit approval to allow pop-ups from this site. It's not a serious hang; after a few seconds the windows close button reacts to the click and I can close the browser normally.
Do you get this in the Firefox safemode ?
WFM with Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b3) Gecko/20090305 Firefox/3.1b3
Severity: critical → major
Status: UNCONFIRMED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.