Open
Bug 686152
Opened 13 years ago
Updated 2 years ago
Trojan injected "please give us your credit card details" into amazon.co.uk
Categories
(Firefox :: Security, defect)
UNCONFIRMED
People
(Reporter: bugzilla, Unassigned)
Details
Attachments
(1 file)
User Agent: Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0
Build ID: 20110615151330

Steps to reproduce:

Was attacked by a trojan - installed via a Java vulnerability as far as I could tell.

Actual results:

***Note the following will install a trojan on your machine! ***
***Ensure you use a throw-away limited user account to replicate the bug!***

- unzip the attached files
- use rundll32.exe to run sw2.dll
- run Firefox (v5, may work with other versions)
- connect to amazon.co.uk
- Examine page source. Source will include the phrase "In order to provide you with extra security and prevent your account from possible unauthorized use, we occasionally need to ask for additional information."
- depending on exactly how well the page source was attacked, a dialog box may appear on top of the page with said text, asking for credit card details

Expected results:

Firefox shouldn't allow sw2.dll to arbitrarily edit webpages that Firefox downloads.

Ideally, Firefox would prevent badly written insecure Java plugins from running and installing such trojans on my machine in the first place. :-)
Updated•2 years ago
Severity: normal → S3