Nelson: I understand you and Dan talked about this before he left. Any comments here?
Isn't this just a straight duplicate of bug 326628? Other than "backport bug 326628 to the 1.9.0 branch" I'm not sure what the expected resolution would be.
That's what Nelson said, too. We missed the UNC path issue which makes it sg:critical rather than sg:moderate (bug 326628 comment 23). We should backport this--but note bug 326628 comment 52 / bug 495756.
Why is it sg:critical? It can't be exploited without explicit user interaction.
Between the prompt being confusing and the attacker being able to put the prompt in a while(1) loop, I imagine it would have a pretty high chance of success.
Benjamin: Can you work on backporting bug 326628 to the 1.9.0 branch?
Fixed or duplicate of bug 326628 (fixed for 126.96.36.199 also).