The default bug view has changed. See this FAQ.

(CVE-2012-1964) Mitigate clickjacking of about:certerror

RESOLVED FIXED in seamonkey2.21

Status

SeaMonkey
Security
RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: Philip Chee, Assigned: Philip Chee)

Tracking

Trunk
seamonkey2.21

SeaMonkey Tracking Flags

(seamonkey2.18 affected, seamonkey2.19 fixed, seamonkey2.20 fixed, seamonkey2.21 fixed)

Details

(Whiteboard: [sg:moderate], URL)

Attachments

(1 attachment)

(Assignee)

Description

4 years ago
From Bug 633691:

> This patch hides the ability to add the override if the certificate error 
> occurs in a frame.
> 
> Users can still right click on the page and use the context menu "This Frame -> 
> Show Only This Frame" if they really need to override the certificate error. 
> This also gives users a better chance to see that the domains are different.
(Assignee)

Comment 1

4 years ago
Created attachment 748803 [details] [diff] [review]
Proposed fix.

Straight port of Bug 633691

Test:
data:text/html,<iframe width="700" height="700" src="https://access.techsmith.com"></iframe>
Assignee: nobody → philip.chee
Status: NEW → ASSIGNED
Attachment #748803 - Flags: review?(neil)
(Assignee)

Updated

4 years ago

Comment 2

4 years ago
Comment on attachment 748803 [details] [diff] [review]
Proposed fix.

>+        // or if thecerterror is in a frame (bug 633691).
Nit: spaces around cert
Attachment #748803 - Flags: review?(neil) → review+
(Assignee)

Comment 3

4 years ago
Pushed: http://hg.mozilla.org/comm-central/rev/e0d7a3d65d18
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
status-seamonkey2.18: --- → affected
status-seamonkey2.19: --- → affected
status-seamonkey2.20: --- → affected
status-seamonkey2.21: --- → fixed
Component: UI Design → Security
Resolution: --- → FIXED
Summary: Mitigate clickjacking of about:certerror → (CVE-2012-1964) Mitigate clickjacking of about:certerror
Target Milestone: --- → seamonkey2.21
(Assignee)

Comment 4

4 years ago
Comment on attachment 748803 [details] [diff] [review]
Proposed fix.

[Approval Request Comment]
Regression caused by (bug #): N/A

User impact if declined: Click-jacking attack vector on the about:certerror page.

Testing completed (on m-c, etc.): Fix Landed on Version: Firefox 11

Risk to taking this patch (and alternatives if risky): no risk anticipated

String or UUID changes made by this patch: none
Attachment #748803 - Flags: approval-comm-beta?
Attachment #748803 - Flags: approval-comm-aurora?

Updated

4 years ago
Attachment #748803 - Flags: approval-comm-beta?
Attachment #748803 - Flags: approval-comm-beta+
Attachment #748803 - Flags: approval-comm-aurora?
Attachment #748803 - Flags: approval-comm-aurora+
Dan, Al,

This was missed on our part from http://www.mozilla.org/security/announce/2012/mfsa2012-54.html :(

So we should update that mfsa for seamonkey.

Will be out in our 2.19 release (due out July 2)
Whiteboard: [sg:moderate]
(Assignee)

Comment 6

4 years ago
Pushed to branches:
https://hg.mozilla.org/releases/comm-aurora/rev/77ec547b5146
https://hg.mozilla.org/releases/comm-beta/rev/4340c4c52b8f
status-seamonkey2.19: affected → fixed
status-seamonkey2.20: affected → fixed
(In reply to Justin Wood (:Callek) from comment #5)
> Dan, Al,
> 
> This was missed on our part from
> http://www.mozilla.org/security/announce/2012/mfsa2012-54.html :(
> 
> So we should update that mfsa for seamonkey.
> 
> Will be out in our 2.19 release (due out July 2)

So it didn't go out in SeaMonkey 2.10?
(In reply to Al Billings [:abillings] from comment #7)
> (In reply to Justin Wood (:Callek) from comment #5)
> > Dan, Al,
> > 
> > This was missed on our part from
> > http://www.mozilla.org/security/announce/2012/mfsa2012-54.html :(
> > 
> > So we should update that mfsa for seamonkey.
> > 
> > Will be out in our 2.19 release (due out July 2)
> 
> So it didn't go out in SeaMonkey 2.10?

Not as far as I can tell
You need to log in before you can comment on or make changes to this bug.