Closed Bug 559809 Opened 10 years ago Closed 10 years ago

Firefox allows malware to install extension without any confirmation requests

Categories: Toolkit :: Add-ons Manager, defect, critical

Platform: x86, Windows XP

Status: VERIFIED DUPLICATE of bug 476430

People: Reporter: mikhail.kasimov, Unassigned

References: Blocks 1 open bug

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729)
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 (.NET CLR 3.5.30729)

Firefox allows malware to install extension without any confirmation requests.

Found a trojan which installs Firefox Addon (hxxp://www.malwaredomainlist.com/mdl.php?search=188.124.16.96).


Reproducible: Always

Steps to Reproduce:
1. Run trojan on virtual machine. It will register in Windows autorun and create %PROGRAMFILES%\Mozilla Firefox\extensions\{8CE11043-9A15-4207-A565-0C94C42D590D} folder, with malware timer.xul file.
2. In the extension-list window, the installed extension is 'Internal Security 1.0'

Actual Results:  
Malware extension installs without any requests. So, Firefox allows to install it without any confirmation. It's a serious security leak, imho.

Expected Results:  
Firefox and all Mozilla products will track hidden extension installations and show confirmation windows if it's needed.

dropper: (http://www.virustotal.com/analisis/9618163d80799bdce260a265c52815cff46e9b9473cd1feff78da09e80403701-1271424252)

timer.xul (http://www.virustotal.com/analisis/14b41a4d0e1ae923aab4a424da7aa8b17dfbc94ade9393baaae0178edee692d5-1271422084)

This bug does not need to stay hidden.

Group: core-security
Component: General → Add-ons Manager
Product: Firefox → Toolkit
QA Contact: general → add-ons.manager
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 476430

Note: the warning from bug 476430 could be overridden by the malware. It's just not possible to protect the application files from other applications running with enough privileges.

Status: RESOLVED → VERIFIED
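
The tracking the reporter asks for can be approximated from outside the browser by comparing the application's `extensions` directory with a stored baseline and reporting entries that appeared or changed. This is an added example, not code from the bug or from Mozilla; the temporary directory, the all-zero extension ID and the file contents are constructed, and only the `{8CE11043-...}` folder name and `timer.xul` come from the report.

```python
import hashlib
import os
import tempfile


def _sha256(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def snapshot(ext_dir):
    """Map each top-level entry of ext_dir to {relative file path: SHA-256}."""
    state = {}
    for entry in sorted(os.listdir(ext_dir)):
        root = os.path.join(ext_dir, entry)
        if os.path.isfile(root):  # a loose file is recorded under its own name
            state[entry] = {entry: _sha256(root)}
            continue
        files = {}
        for dirpath, _dirs, names in os.walk(root):
            for name in names:
                path = os.path.join(dirpath, name)
                files[os.path.relpath(path, root)] = _sha256(path)
        state[entry] = files
    return state


def diff(baseline, current):
    """Return (added, removed, changed) entry names between two snapshots."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(k for k in set(baseline) & set(current) if baseline[k] != current[k])
    return added, removed, changed


def demo():
    """Constructed scenario: baseline one folder, then drop the folder named in the report."""
    with tempfile.TemporaryDirectory() as ext_dir:
        known = os.path.join(ext_dir, "{00000000-0000-0000-0000-000000000001}")  # constructed ID
        os.makedirs(known)
        with open(os.path.join(known, "sample.txt"), "w") as fh:
            fh.write("constructed baseline file")
        baseline = snapshot(ext_dir)
        dropped = "{8CE11043-9A15-4207-A565-0C94C42D590D}"  # folder name from the report
        os.makedirs(os.path.join(ext_dir, dropped))
        with open(os.path.join(ext_dir, dropped, "timer.xul"), "w") as fh:
            fh.write("constructed placeholder, not the real file")
        current = snapshot(ext_dir)
        return diff(baseline, current), sorted(current[dropped])
```

As the last comment on the bug points out, software running with enough privileges can alter application files, so a baseline kept on the same machine is subject to the same limit.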