Closed
Bug 598532
Opened 14 years ago
Closed 8 years ago
Problem crash if I use asx player for listening to music [@ @0x99bb2b03 | UserCallWinProcCheckWow]
Categories
(Plugins Graveyard :: RealPlayer (Real), defect)
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: luisdalva, Unassigned)
Details
(Keywords: crash)
Crash Data
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; pt-PT; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; pt-PT; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 If I visit a site that uses frame, And if you had embed a player asx, Browser crash's, and maybe could run malicious commands .. Reproducible: Always Steps to Reproduce: 1. Create a frame pointing to two pages ( Only a FRAME not work with Iframe ) 2. Create a valid Asx pointing a streaming music server operating 3. Asx embed a player in one of the pages included in the frame 4. Another page in the frame include some pictures or something that creates a delay to load the media page 2 to 3 seconds .. Actual Results: Browser crach and so can be closed using ctrl + alt + del or restarting the computer, I think it can also be used to download malicious code or create malicious instructions using an exploit .. Expected Results: I do not know if I understand the question, but I think it is one's own error firefox Main concerns with this bug, - Migration of people who listen to radio for other browsers - Possibly Maybe use it for malicious purposes This is my first sending bug, I'm student I'm 17 years old and am studying "Informatica de Gestão" (Computing Management) in Portugal, I asked my mother permission to send you the vulnerability, I would like to receive some money for this vulnerability have found to help me because I want to make the University of informatics and it would help a lot! I do not care to create videos demonstrating the vulnerability if you want! I think I deserve because I'm two days sleeping late and almost got missing in the morning math lesson for trying to understand why the firefox crached on some sites, if that happens I promise I'll look even more vulnerabilities to make firefox more secure, Computing is something that I love and not trade my computer for full php code on a computer 10x better without backup's Windows 7 4 G Ram 250HD+250HD Thank you, Luis Faria
Reporter | ||
Updated•14 years ago
|
Whiteboard: security@mozilla.org
Comment 1•14 years ago
|
||
There is not enough information in this report to reproduce the crash. If you have a testcase or a URL that causes the crash, please post it here.
Whiteboard: [sg:needinfo]
Reporter | ||
Comment 2•14 years ago
|
||
I have 3 urls having a crash and I have a crash html and asx code, See here, www.radiohunter.com.br www.radioevolutionx.org www.radiofusion.com.br, I also know reproduce the problem, causing crash How can I send a video testcase for you? Thank You, Luís Faria
Comment 3•14 years ago
|
||
Luís, it's rather annoying for you to go back and re-add the security@mozilla.org email alias from this bug after I removed it. This does not help bring attention to this bug in any way, and there is a large group of people who recieve mail sent there and I want to reduce the amount of bugmail that gets sent there. Please don't add it back. With that said, I will investigate the links you sent to see if I can reproduce the crash.
Comment 4•14 years ago
|
||
In the meantime, if there are any links to crash reports saved in your browser, please paste them here. You can find the crash reports by entering about:config in the location bar.
Comment 5•14 years ago
|
||
I loaded all three of the sites you mentioned in comment 2 and none of them caused a crash for me on Windows with Flash installed. I clicked around a bunch and did not experience any crashes. Do you have an old version of some plugins installed? You can check by visiting: http://www.mozilla.com/plugincheck/
Group: core-security
Whiteboard: [sg:needinfo]
Reporter | ||
Comment 6•14 years ago
|
||
Please put this ticket as necessary to pass confidential information confidential
Reporter | ||
Comment 7•14 years ago
|
||
Is very important to have the information that you need to go put restrict access as quickly as possible !! I apologize for adding security@mozilla.org but mail is really important information that you have to also pass sensitive information sent to this address in order to make the process faster
OS: Windows 7 → Windows XP
Comment 8•14 years ago
|
||
(In reply to comment #4) > In the meantime, if there are any links to crash reports saved in your browser, > please paste them here. You can find the crash reports by entering > about:config in the location bar. about:crashes, actually.
Comment 9•14 years ago
|
||
(In reply to comment #6) > Please put this ticket as necessary to pass confidential information > confidential What confidential information? Nothing in the bug has needed to be private at all.
Comment 10•14 years ago
|
||
of the sites mentioned in comment 2 there are only a few instances of crash reports being sent since the beginning of Sept. 172:crashdata chofmann$ grep www.radiofusion.com.br 201009* | awk -F\t '{print $1,$2}' 20100901-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/player_preto/indexoff.php 20100901-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/player_preto/indexoff.php 20100902-crashdata.csv:urlmon.dll@0x14320 http://www.radiofusion.com.br/player_branco/indexoff.php 20100903-crashdata.csv:@0x0 | wmp.dll@0x1869ce http://www.radiofusion.com.br/ 20100903-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/player_branco/indexoff.php 20100905-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/player_branco/indexoff.php 20100905-crashdata.csv:wmp.dll@0x1991e8 http://www.radiofusion.com.br/player_verde/indexoff.php 20100907-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/player_preto/indexoff.php 20100910-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/ 20100911-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/player_branco/indexoff.php 20100913-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/ 20100914-crashdata.csv:UserCallWinProcCheckWow http://www.radiofusion.com.br/player_branco/index.php 20100916-crashdata.csv:@0x0 | CdxmPlay::CloseGraph(int) http://www.radiofusion.com.br/ 20100918-crashdata.csv:@0x0 | urlmon.dll@0x71dc http://www.radiofusion.com.br/player_branco/indexoff.php 172:crashdata chofmann$ grep www.radiohunter.com.br 201009* | awk -F\t '{print $1,$2}' 20100905-crashdata.csv:`anonymous namespace''::TimerExpiredTask::`scalar deleting destructor''(unsigned int) http://www.radiohunter.com.br/data/home/inair/index.php 20100912-crashdata.csv:wmp.dll@0x16eda2 http://www.radiohunter.com.br/data/pages/players/topo/1/stop.php 20100912-crashdata.csv:UserCallWinProcCheckWow http://www.radiohunter.com.br/site/player.php
Reporter | ||
Comment 11•14 years ago
|
||
I need to pass data to ftp you the testcase and download video that shows information on the testcase, I would like to add that this bug is on the newest version of firefox and not in earlier, that if you really want to fix the bug .. .
Comment 12•14 years ago
|
||
(In reply to comment #11) > I need to pass data to ftp you the testcase and download video that shows > information on the testcase, I would like to add that this bug is on the newest > version of firefox and not in earlier, that if you really want to fix the bug > .. . You can e-mail the FTP details to security@mozilla.org, but the actual discussions should always be held in this bug.
Reporter | ||
Comment 13•14 years ago
|
||
The data were sent ftp please check in the mail security@mozilla.org, Thank You, Luis Faria
Comment 14•14 years ago
|
||
I downloaded the files from your FTP server and loaded the index file several times and observed no crashes. Please go to about:crashes and paste any relevant links to crash reports in this bug.
Reporter | ||
Comment 15•14 years ago
|
||
Please see the video I already asked my friends who are using the latest version of Firefox is also the same problem occurs
Reporter | ||
Comment 16•14 years ago
|
||
Firefox 3.6.10 is my version of firefox, attention does not occur in smaller versions to this version or 4 beta releases .. Use this version to make the test-bug it's the latest available version of firefox 3.6
Comment 17•14 years ago
|
||
Luís, we have asked about this several times. Do you see the Firefox crash reporter appear when you hit the problem loading your test case, or when you visit the sites you mentioned in comment 2? If you see the Firefox crash reporter then there should be an entry for the report when you view the web page about:crashes type this in the location bar of the browser, and paste links for your most recent crash reports in this bug. Its its also possible that the crash is in the ASX player that you mentioned. Your crash report will help us to figure that out. The source and version number of your ASX player might also help to understand why you see the crash and others can not reproduce.
Reporter | ||
Comment 18•14 years ago
|
||
I am sending the log crashs ---------------------------------- ID do Relatório Data de Submissão bp-d116463a-8478-4c76-88b1-b39542100921 21-09-2010 20:06 bp-8103f654-3cee-44b2-b7d7-65c2a2100921 21-09-2010 20:02 bp-bf74d35c-a8d3-4daa-8275-c11312100920 21-09-2010 00:32 bp-e1a609e4-0ec6-45ae-a976-9d9702100920 20-09-2010 23:59 bp-6e0e19e5-a668-46db-9bba-abd9f2100920 20-09-2010 23:52 ------------- Thank You, Luís Faria
Reporter | ||
Comment 19•14 years ago
|
||
I found out what the problem, the problem is the plugin RealPlayer Browser Record Plugin 1.1.5 that comes with the RealPlayer software available at http://www.real.com/realplayer, now the question that arises is you create a fix for this or speak with the company for RealPlayer that will fix this problem? Thank You, Luís Faria
Comment 20•14 years ago
|
||
4/5 of the crashes are this: Signature UserCallWinProcCheckWow UUID d116463a-8478-4c76-88b1-b39542100921 Time 2010-09-21 12:06:20.658079 Uptime 17 Last Crash 34 seconds before submission Install Age 323068 seconds (3.7 days) since version was first installed. Product Firefox Version 3.6.10 Build ID 20100914125854 Branch 1.9.2 OS Windows NT OS Version 6.1.7600 CPU x86 CPU Info GenuineIntel family 6 model 23 stepping 6 Crash Reason EXCEPTION_ACCESS_VIOLATION_EXEC Crash Address 0xffffffff99bb2b03 User Comments Processor Notes EMCheckCompatibility False Related Bugs * Bug 585660 UNCONFIRMED Crash after javascript remove Embed (flash or quicktime tested) element [@ UserCallWinProcCheckWow ] * Bug 516182 VERIFIED DUPLICATE firefox crashes when I log out of gmail [@UserCallWinProcCheckWow ] * Bug 590078 RESOLVED DUPLICATE firefox crashed when I push go back button. [@ UserCallWinProcCheckWow] * Bug 569498 RESOLVED DUPLICATE Navigating through pages with embedded PDF documents causes the browser to hang and then crash [@ UserCallWinProcCheckWow ] * Bug 556483 RESOLVED DUPLICATE Crash while closing Firefox Window [@ UserCallWinProcCheckWow ] * Bug 522070 VERIFIED DUPLICATE Firefox crashes when working with Gmail [@UserCallWinProcCheckWow ] Crashing Thread Frame Module Signature [Expand] Source 0 @0x99bb2b03 1 user32.dll UserCallWinProcCheckWow 2 user32.dll DispatchClientMessage 3 user32.dll __fnDWORD 4 ntdll.dll ntdll.dll@0x4642d 5 user32.dll RealDefWindowProcW 6 user32.dll DefWindowProcW 7 user32.dll InternalCallWinProc 8 user32.dll UserCallWinProcCheckWow 9 user32.dll CallWindowProcAorW 10 user32.dll CallWindowProcW 11 xul.dll nsWindow::WindowProc widget/src/windows/nsWindow.cpp:3732 12 user32.dll InternalCallWinProc 13 user32.dll UserCallWinProcCheckWow 14 user32.dll DispatchClientMessage 15 user32.dll __fnDWORD 16 ntdll.dll ntdll.dll@0x4642d 17 user32.dll PeekMessageW 18 xul.dll nsAppShell::ProcessNextNativeEvent widget/src/windows/nsAppShell.cpp:172 19 xul.dll nsBaseAppShell::OnProcessNextEvent widget/src/xpwidgets/nsBaseAppShell.cpp:299 20 xul.dll nsThread::ProcessNextEvent xpcom/threads/nsThread.cpp:508 21 xul.dll mozilla::ipc::MessagePump::Run ipc/glue/MessagePump.cpp:118 22 xul.dll xul.dll@0x9604c7 23 xul.dll MessageLoop::RunHandler ipc/chromium/src/base/message_loop.cc:199 24 mozcrt19.dll malloc obj-firefox/memory/jemalloc/crtsrc/jemalloc.c:5790 25 xul.dll xul.dll@0x2ef303 26 xul.dll xul.dll@0x30ab2f 27 firefox.exe firefox.exe@0x1b97 28 ntdll.dll ntdll.dll@0x1d75c 29 ntdll.dll ntdll.dll@0x5b467 30 firefox.exe firefox.exe@0x183f 31 firefox.exe firefox.exe@0x183f Filename Version Debug Identifier Debug Filename rpnpshimswf.dll E29C62D3EA0D499EBE42594F39C3C6E6c rpthinpluginshim.pdb wmploc.DLL 12.0.7600.16415 wmp.dll 12.0.7600.16415 C0C33E5C2324484795DBA237061E931B2 wmp_notestroot.pdb mf.dll 12.0.7600.16385 2937C674291E484FA338CE3EB2021C412 mf.pdb rpmainbrowserrecordplugin.dll 12.0.1.455 019CC31E6CC84A0AA0DE85C99EDD38AA1f rpmainbrowserrecordplugin.pdb rpnpshimwmp.dll E29C62D3EA0D499EBE42594F39C3C6E6c rpthinpluginshim.pdb nprpffbrowserrecordext.dll 386963E89A0441898398B91FBD5BED248 nprpffbrowserrecordext.pdb rpchromebrowserrecordhelper.dll 20B225090DB44E6A91B26BDCCB25F1A27 rpchromebrowserrecordhelper.pdb mfps.dll 12.0.7600.16385 54AC71FB480C45D1B0CBE87FE3B4C3B32 MFPS.pdb np-mswmp.dll 1.0.0.8 1150E443A97A459B8D2023ECA2594F3E1 np-mswmp.pdb sfShellTools.dll 1.0.24.0 35733B500EE042A0917D3CDB804633CE1 sfShellTools.pdb As the last frame isn't ours, I don't think we can fix this.
Component: General → RealPlayer (Real)
Product: Firefox → Plugins
QA Contact: general → real-player
Summary: Problem crash if I use asx player for listening to music, Critical Problem → Problem crash if I use asx player for listening to music [@ @0x99bb2b03 | UserCallWinProcCheckWow]
Version: unspecified → 12.x
Comment 21•14 years ago
|
||
sorry, strike the 4/5 line, all of your crashes are that :)
Assignee | ||
Updated•13 years ago
|
Crash Signature: [@ @0x99bb2b03 | UserCallWinProcCheckWow]
Comment 22•8 years ago
|
||
Closing old bugs in the Plugins component. We aren't going to track issues in 3rd-party plugins in the Mozilla bug tracker. In addition, support for NPAPI plugins will be removed at the end of this year; for more details see the post at https://blog.mozilla.org/futurereleases/2015/10/08/npapi-plugins-in-firefox/ If there is a serious bug in Firefox, it needs to be filed in the "Core" product, "Plug-Ins" component.
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
Assignee | ||
Updated•8 years ago
|
Product: Plugins → Plugins Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•