Closed Bug 794383 Opened 12 years ago Closed 12 years ago

tel: URLs (RFC 3966) should not be passed directly to the dialer

Categories

(Firefox for Android Graveyard :: General, defect)

Version: 17 Branch
Platform: x86_64, Windows 7
Type: defect
Priority: Not set
Severity: normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 794034

People

(Reporter: david, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0.1
Build ID: 20120905151427

Steps to reproduce:

Visited a test exploit page:

http://dylanreeve.com/phone.php

This tests for a remotely exploitable vulnerability on some Android phones, as described in:

http://nakedsecurity.sophos.com/2012/09/26/are-android-phones-facing-a-remote-wipe-hacking-pandemic/

This is a security issue. I have not ticked the security box as it is already in the public domain.


Actual results:

I got a popup with my IMEI number demonstrating that the exploit worked.

Had it been a malicious site it could have caused something worse such as a factory reset of my phone.


Expected results:

A pop up: "Are you sure you want to dial: tel:*#06#".

It would make sense for the filtering to only apply if the tel: URL contains special characters, but not if it only contains numbers.
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
Product: Firefox for Android → Firefox for Android Graveyard
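
The filtering suggested under "Expected results", sketched as an added example (not Firefox code and not part of the original report). The function name `classifyTelUri`, the returned fields, and the choice to treat a leading `+` and RFC 3966 visual separators as plain digits are assumptions; the sample URIs are constructed.

```javascript
// Added example: decide whether a tel: URI may be handed to the dialer
// without asking the user first. Hypothetical helper, not a Firefox API.
function classifyTelUri(uri) {
  const m = /^tel:([^?]*)/i.exec(String(uri).trim());
  if (!m) return { ok: false, reason: "not a tel: URI" };

  // Drop RFC 3966 parameters (;ext=, ;phone-context=, ...); only the
  // subscriber part is ever forwarded.
  const raw = m[1].split(";")[0];

  // '#' has to be percent-encoded inside a URI, so decode before
  // inspecting. Checking the raw string would let "%23" through.
  let number;
  try {
    number = decodeURIComponent(raw);
  } catch (e) {
    return { ok: false, reason: "malformed percent-encoding" };
  }

  // Remove RFC 3966 visual separators: - . ( )
  const digits = number.replace(/[-.()]/g, "");
  if (digits === "") return { ok: false, reason: "empty number" };

  // Digits only (optionally a leading '+'): safe to pass through.
  if (/^\+?[0-9]+$/.test(digits)) {
    return { ok: true, number: digits, confirm: false };
  }

  // Anything else ('*', '#', leftover '%', letters) may be interpreted
  // by the dialer as a service code: require explicit user confirmation.
  return { ok: true, number: digits, confirm: true };
}

// Constructed sample inputs.
for (const u of ["tel:+1-201-555-0123", "tel:*%2306%23", "tel:%2523"]) {
  console.log(u, JSON.stringify(classifyTelUri(u)));
}
```

Decoding happens exactly once, so a double-encoded value such as `%2523` still contains `%` after decoding and falls into the confirmation path rather than being treated as a plain number.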