Firefox vulnerable to XP Antivirus 2009 & Variants




9 years ago
7 years ago


(Reporter: Tim Smith, Unassigned)


3.0 Branch
Windows XP

Firefox Tracking Flags

(Not tracked)


(Whiteboard: [CLOSEME 2011-2-15], URL)



9 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/2009011913 Firefox/3.0.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/2009011913 Firefox/3.0.6

OS: XP Pro SP3.  Anti virus: McAfee Enterprise 8.5.0i (scan engine 5300.2777, Dat Version 5533.0000 02-22-09)  When accessing the URL listed above using Firefox 3.0.6. a Script execution attempts to install a variant of XP Anti virus 2008.  Script execution is blocked by McAfee when the URL listed above is accessed using Microsoft Internet Explorer 7.

Reproducible: Always

Steps to Reproduce:
1.  Google search "Candace Smith Survivor)
2.  Click on link for
3.  Pop up displays misleading information about virus infection prompting user for action which causes Mal ware to be installed.
Actual Results:  
Mal ware will be installed on target PC.  See the following for further details:

Expected Results:  
I would expect the security software to protect the browsing experience regardless of which browser I use. 

This is the first time I have experienced IE 7 providing better security / integration than Firefox.  I prefer Firefox and use it exclusively with exceptions only where required.  XP Anti Virus 2009 and it variants have caused others at my company considerable down time and I am surprised that Firefox is vulnerable.  If this is a McAfee problem then I apologize for this post.
The URL in comment#3 doesn't cause any popups.

You mean that Firefox is vulnerable, does that mean that the malware installs on that page without that the user gets a prompt from Firefox ?


9 years ago
Version: unspecified → 3.0 Branch
Reporter, are you still seeing this issue with Firefox 3.6.13 or later in safe mode or a fresh profile? If not, please close. These links can help you in your testing.
Whiteboard: [CLOSEME 2011-2-15]
No reply from reporter, INCOMPLETE. Please retest with Firefox 4 or later and a new profile ( If you continue to see this issue with the newest firefox and a new profile, then please comment on this bug.
Last Resolved: 7 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.