Closed Bug 5864 Opened 25 years ago Closed 24 years ago

If URL doesn't fit into location bar, browser displays right part of the URL

Tracking

(Not tracked)

Status:

VERIFIED WORKSFORME

People

(Reporter: michaell, Assigned: radha)

References

(
URL
)

Details

Michael La Guardia

Reporter

Description

•

25 years ago

From:
        "Juan Carlos Garcia Cuartango" <cuartangojc@mx3.redestb.es>
Subject:
        Communicatot 4.5 Frame Spoofing vulnerability
    To:
        "Chis Saito" <chriss@netscape.com>

Chris,There is a design flaw in the location bar of most of Internet browsers :
If the URL does not fit into the location box the browser will display the right
part of the URL, this behaviour produces a FRAME SPOOFING
security  hole.
I have only tested it with Communicartor 4.5 but I suspect previous versions are
also affected.There is a demo at
http://pages.whowhere.lycos.com/computers/cuartangojc/fspoof1.htmlI have
reported the issue using the official form. Russ Cooper
(NTBugtraq) give me your name as a rigth person to address the security
issues.Regards,Juan Carlos G. CuartangoPS,The same hole exists in
Microsoft Explorer browser I have also reported to them the issue.

don

Updated

•

25 years ago

Assignee: don → radha

Component: Apprunner → XPApps

Target Milestone: M9

don

Comment 1

•

25 years ago

Assigned to radha for M9.

leger

Comment 2

•

25 years ago

Updating QA Contact.

Radha on family leave (not reading bugmail)

Assignee

Updated

•

25 years ago

Status: NEW → ASSIGNED

Radha on family leave (not reading bugmail)

Assignee

Updated

•

25 years ago

Target Milestone: M9 → M13

rubydoo123

Updated

•

25 years ago

QA Contact: beppe → don

Radha on family leave (not reading bugmail)

Assignee

Updated

•

25 years ago

Target Milestone: M13 → M15

Radha on family leave (not reading bugmail)

Assignee

Updated

•

24 years ago

Target Milestone: M15 → M17

don

Comment 3

•

24 years ago

Move to M20 target milestone.

Target Milestone: M17 → M21

Paul Chen

Updated

•

24 years ago

Status: ASSIGNED → RESOLVED

Closed: 24 years ago

Resolution: --- → WORKSFORME

Paul Chen

Comment 4

•

24 years ago

nav triage team:

NS 6 RTM on Win2k doesn't exhibit the spoof. Marking W4M

Blake Ross

Updated

•

24 years ago

QA Contact: don → sairuh

sairuh (rarely reading bugmail)

Updated

•

24 years ago

QA Contact: sairuh → claudius

sairuh (rarely reading bugmail)

Comment 5

•

22 years ago

mass-verifying WorksForMe bugs which haven't changed since 2001.12.31.

set your search string in mail to "EmperorLondoMollari" to filter out these
messages.

Status: RESOLVED → VERIFIED

Myk Melez [:myk] [@mykmelez]

Updated

•

20 years ago

Product: Core → Mozilla Application Suite

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

If URL doesn't fit into location bar, browser displays right part of the URL

Categories

(SeaMonkey :: UI Design, defect, P3)

Tracking

(Not tracked)

People

(Reporter: michaell, Assigned: radha)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Comment 2

Updated

Updated

Updated

Updated

Updated

Comment 3

Updated

Comment 4

Updated

Updated

Comment 5

Updated