Closed Bug 600944 Opened 15 years ago Closed 15 years ago

Firewall shutdown by page visit.

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: hanshuber008, Unassigned)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Recently I had some bad experiences when I visited some adult content pages, with Javascript off, all Plugins and extensions off, history and cookies off. I don't know exactly what happens, but some servers seem to be capable of shutting my jetico firewall down. The icon will remain in the tray until the mouse is over it, forceing a graphical update that removes the tray icon. Virus scans did not find anything. Avast Antivirus claims to protect the bootup sequence from rootkits successfully. Unfort I could not identify the causing URLs so far. It's rather scary. I have to say, I just updated to Firefox 3.6.10. Could it be that this was some sort of DLL Injection vulnerability? And would this be fixed in version 3.6.10? Reproducible: Sometimes Steps to Reproduce: 1. A version older than 3.6.10 is needed, probably 3.5.x, with Jetico Personal Firewall 1.0 2. Javasctipt and all Plugins deactivated in Firefox. 3. Shady pages must be visited, be it adult, warez or something like that 4. It may be a matter of "luck" to find one of the infected nets. Actual Results: Some http-servers seem to be capable of shutting my jetico firewall down. The icon will remain in the tray until the mouse is over it, forceing a graphical update that removes the tray icon. (it's still there for some time, while the app is already shut down, so the user is not alarmed) Expected Results: Actually - nothing else than displaying plain html. Of course, maybe Firefox has nothing to do with it, other than contacting a webserver and telling them my IP. It may be a firewall problem only. Nonetheless, if there are similar problems on other systems, please let me know.
It's unknown why your firewall shuts down. YOu have to contact the Firewall support and not us. The DLL injection is fixed with 3.6.9 and 3.5.12 as you can read in the release notes. I will mark this report invalid because this can or will not be fixed in the Firefox source code.
Severity: critical → normal
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.