Closed Bug 916583 Opened 11 years ago Closed 11 years ago

[SECURITY] Remote address book spam

Categories

(Firefox for Android Graveyard :: Download Manager, defect)

24 Branch
All
Android
defect
Not set
critical

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 690252

People

(Reporter: deax0u, Unassigned)

Details

Attachments

(2 files)

Attached file mkpayload.py
Hello,

I want to report a Firefox Android bug I've found. It's possible to fill the
address book with a special HTTP response.

I've attached a Python script to generate a .vcf file with junk contacts. If
this file is served as text/x-vcard it will trigger a download and
automatically import this file into the address book.

I've tested this on Android 4.0.4.

There is no Android security component, so I've filed it here.

I don't have any experience in writing such reports so I hope it's OK. Please feel free to contact me for further information.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: sec-bounty?
bug 690252 should fix this. Will attach a test file.
Attached file example vCard
Tested and verified that this is a duplicate of 690252
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
Flags: sec-bounty? → sec-bounty-
Is there any further news?

I guess I didn't qualify for the T-shirt, right?

Also, this is quite embarrassing but my mailbox expired. If you've sent any mails I didn't get them. Please excuse me if you've been waiting for a reply somewhere.

I'm not able to open bug 690252 but I would appreciate some information about it, like the report date or a short summary of the issue described in the bug. I don't know if your policy allows that, though.

Thanks in advance.
This bug was already fixed by disabling the auto launch of all files, which is the fix for bug 690252. The fix landed in our integration tree on Sept 12th and was in our Nightly builds on Sept 13th or 14th. Since your bug was already fixed by the bug mentioned, we closed it out as a duplicate.
Group: core-security → core-security-release
Group: core-security-release
Product: Firefox for Android → Firefox for Android Graveyard
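
The fix described in this thread (no automatic launch of downloaded files), sketched as a download-completion policy. This is an added example, not Firefox code and not the reporter's attachment; the function names, the bulk threshold, the warning text and the sample responses are assumptions made for illustration.

```python
import re

# Media types this example treats as vCard. text/x-vcard is the type named in
# the report; text/vcard (RFC 6350) and text/directory are added here.
VCARD_TYPES = {"text/x-vcard", "text/vcard", "text/directory"}
BEGIN_RE = re.compile(rb"^BEGIN:VCARD[ \t]*\r?$", re.IGNORECASE | re.MULTILINE)


def media_type(content_type):
    """Strip parameters such as charset and normalise case."""
    return content_type.split(";", 1)[0].strip().lower()


def count_contacts(body):
    """Number of vCard entries in a response body (bytes)."""
    return len(BEGIN_RE.findall(body))


def handle_download(content_type, body, bulk_threshold=10):
    """Decide what happens after a download completes.

    No branch launches a handler automatically: the file is saved and the
    user has to open it. vCard content also gets a warning with the number
    of contacts an import would add, even when the body is mislabelled.
    """
    contacts = count_contacts(body)
    is_vcard = media_type(content_type) in VCARD_TYPES or contacts > 0
    if not is_vcard:
        return {"action": "save", "auto_launch": False, "warning": None}
    warning = f"Opening this file imports {contacts} contact(s)"
    if contacts >= bulk_threshold:
        warning += " (bulk import)"
    return {"action": "save", "auto_launch": False, "warning": warning}


# Constructed sample responses (not taken from the bug's attachments).
ONE_CARD = b"BEGIN:VCARD\r\nVERSION:3.0\r\nFN:Example Person\r\nEND:VCARD\r\n"
SAMPLES = [
    ("text/x-vcard; charset=utf-8", ONE_CARD * 40),
    ("text/plain", ONE_CARD),  # vCard body served under another type
    ("application/pdf", b"%PDF-1.4\n"),
]

if __name__ == "__main__":
    for ctype, body in SAMPLES:
        print(ctype, "->", handle_download(ctype, body))
```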