Closed
Bug 989981
Opened 11 years ago
Closed 11 years ago
The plugin is about describing experience, work, relationship with some persons, describing experience with the sites.
Categories
(Firefox Graveyard :: Plugin Click-To-Activate Whitelist, defect)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: searchency, Assigned: benjamin)
Details
Plugin name: Searchency Vendor: http://searchency.com Point of contact: searchency@gmail.com Current version: 1.0 Download URL: http://by.searchency.com/downloads/last Sample URL of plugin in use: a) Please login the page http://by.searchency.com/searchency Credentials are: a.1) Account is testacc a.2) Password is pKbH65TD c) Please check page http://www.mamba.ru/en/mb946295495?hit=10 d) Please click special Searchency user icon e) Please set user rate and comment if you like and click special form button f) Please refresh the page and check user's scores Plugin details: Windows XP Enabled plugins Find updates for installed plugins at mozilla.com/plugincheck Java(TM) Platform SE 7 U45 File: npjp2.dll Path: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll Version: 10.45.2.18 State: Disabled Next Generation Java Plug-in 10.45.2 for Mozilla browsers MIME Type Description Suffixes application/x-java-applet Java Applet application/x-java-bean JavaBeans application/x-java-vm application/x-java-applet;version=1.1.1 application/x-java-bean;version=1.1.1 application/x-java-applet;version=1.1 application/x-java-bean;version=1.1 application/x-java-applet;version=1.2 application/x-java-bean;version=1.2 application/x-java-applet;version=1.1.3 application/x-java-bean;version=1.1.3 application/x-java-applet;version=1.1.2 application/x-java-bean;version=1.1.2 application/x-java-applet;version=1.3 application/x-java-bean;version=1.3 application/x-java-applet;version=1.2.2 application/x-java-bean;version=1.2.2 application/x-java-applet;version=1.2.1 application/x-java-bean;version=1.2.1 application/x-java-applet;version=1.3.1 application/x-java-bean;version=1.3.1 application/x-java-applet;version=1.4 application/x-java-bean;version=1.4 application/x-java-applet;version=1.4.1 application/x-java-bean;version=1.4.1 application/x-java-applet;version=1.4.2 application/x-java-bean;version=1.4.2 application/x-java-applet;version=1.5 application/x-java-bean;version=1.5 application/x-java-applet;version=1.6 application/x-java-bean;version=1.6 application/x-java-applet;version=1.7 application/x-java-bean;version=1.7 application/x-java-applet;jpi-version=1.7.0_45 application/x-java-bean;jpi-version=1.7.0_45 application/x-java-vm-npruntime application/x-java-applet;deploy=10.45.2 application/x-java-applet;javafx=2.2.45 Java Deployment Toolkit 7.0.450.18 File: npdeployJava1.dll Path: C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll Version: 10.45.2.18 State: Disabled (STATE_VULNERABLE_NO_UPDATE) NPRuntime Script Plug-in Library for Java(TM) Deploy MIME Type Description Suffixes application/java-deployment-toolkit VLC Web Plugin File: npvlc.dll Path: C:\Program Files\VideoLAN\VLC\npvlc.dll Version: 2.1.0.0 State: Disabled VLC media player Web Plugin 2.1.0 MIME Type Description Suffixes audio/mpeg MPEG audio mp2,mp3,mpga,mpega audio/x-mpeg MPEG audio mp2,mp3,mpga,mpega video/mpeg MPEG video mpg,mpeg,mpe video/x-mpeg MPEG video mpg,mpeg,mpe video/mpeg-system MPEG video mpg,mpeg,mpe,vob video/x-mpeg-system MPEG video mpg,mpeg,mpe,vob audio/mp4 MPEG-4 audio aac,mp4,mpg4 audio/x-m4a MPEG-4 audio m4a video/mp4 MPEG-4 video mp4,mpg4 application/mpeg4-iod MPEG-4 video mp4,mpg4 application/mpeg4-muxcodetable MPEG-4 video mp4,mpg4 video/x-m4v MPEG-4 video m4v video/x-msvideo AVI video avi application/ogg Ogg stream ogg video/ogg Ogg video ogv application/x-ogg Ogg stream ogg application/x-vlc-plugin VLC plug-in video/x-ms-asf-plugin Windows Media Video asf,asx video/x-ms-asf Windows Media Video asf,asx application/x-mplayer2 Windows Media video/x-ms-wmv Windows Media wmv video/x-ms-wvx Windows Media Video wvx audio/x-ms-wma Windows Media Audio wma application/x-google-vlc-plugin Google VLC plug-in audio/wav WAV audio wav audio/x-wav WAV audio wav audio/3gpp 3GPP audio 3gp,3gpp video/3gpp 3GPP video 3gp,3gpp audio/3gpp2 3GPP2 audio 3g2,3gpp2 video/3gpp2 3GPP2 video 3g2,3gpp2 video/divx DivX video divx video/flv FLV video flv video/x-flv FLV video flv application/x-matroska Matroska video mkv video/x-matroska Matroska video mkv audio/x-matroska Matroska audio mka application/xspf+xml Playlist xspf xspf audio/x-mpegurl MPEG audio m3u video/webm WebM video webm audio/webm WebM audio webm application/vnd.rn-realmedia Real Media File rm audio/x-realaudio Real Media Audio ra audio/amr AMR audio amr audio/x-flac FLAC audio flac Adobe Acrobat File: nppdf32.dll,nppdf32.dll Path: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll,C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll Version: 11.0.4.63 State: Disabled Adobe PDF Plug-In For Firefox and Netscape 11.0.04 MIME Type Description Suffixes application/pdf Acrobat Portable Document Format pdf application/vnd.adobe.pdfxml Adobe PDF in XML Format pdfxml application/vnd.adobe.x-mars Adobe PDF in XML Format mars application/vnd.fdf Acrobat Forms Data Format fdf application/vnd.adobe.xfdf XML Version of Acrobat Forms Data Format xfdf application/vnd.adobe.xdp+xml Acrobat XML Data Package xdp application/vnd.adobe.xfd+xml Adobe FormFlow99 Data File xfd application/pdf Acrobat Portable Document Format pdf application/vnd.adobe.pdfxml Adobe PDF in XML Format pdfxml application/vnd.adobe.x-mars Adobe PDF in XML Format mars application/vnd.fdf Acrobat Forms Data Format fdf application/vnd.adobe.xfdf XML Version of Acrobat Forms Data Format xfdf application/vnd.adobe.xdp+xml Acrobat XML Data Package xdp application/vnd.adobe.xfd+xml Adobe FormFlow99 Data File xfd Shockwave Flash File: NPSWF32_11_7_700_224.dll Path: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll Version: 11.7.700.224 State: Disabled Shockwave Flash 11.7 r700 MIME Type Description Suffixes application/x-shockwave-flash Adobe Flash movie swf application/futuresplash FutureSplash movie spl Microsoft® DRM File: npdrmv2.dll Path: C:\Program Files\Windows Media Player\npdrmv2.dll Version: 9.0.0.4503 State: Disabled DRM Netscape Network Object MIME Type Description Suffixes application/x-drm-v2 Network Interface Plugin nip Windows Media Player Plug-in Dynamic Link Library File: npdsplay.dll Path: C:\Program Files\Windows Media Player\npdsplay.dll Version: 3.0.2.629 State: Disabled Npdsplay dll MIME Type Description Suffixes application/asx Media Files * video/x-ms-asf-plugin Media Files * application/x-mplayer2 Media Files * video/x-ms-asf Media Files asf,asx,* video/x-ms-wm Media Files wm,* audio/x-ms-wma Media Files wma,* audio/x-ms-wax Media Files wax,* video/x-ms-wmv Media Files wmv,* video/x-ms-wvx Media Files wvx,* Microsoft® DRM File: npwmsdrm.dll Path: C:\Program Files\Windows Media Player\npwmsdrm.dll Version: 9.0.0.4503 State: Disabled DRM Store Netscape Plugin MIME Type Description Suffixes application/x-drm Network Interface Plugin nip Rating Delete Windows 7 - the same Windows 8 - the same Are there any variations in the plugin file name, MIME types, description, or version from one release to the next? a.1) At May, 15 2014 we plan to rid the binary libraries (dlls) off the plugin and to place Emscripten-compilant code instead, so we plan to rid the next files: a.1.1) searchency@bzivev.com\chrome\content\libs\winx86\libwebp.dll a.1.2) searchency@bzivev.com\chrome\content\libs\winx86\libgcc_s_dw2-1.dll a.1.3) searchency@bzivev.com\chrome\content\libs\winx86\libssp-0.dll a.1.4) searchency@bzivev.com\chrome\content\libs\winx86\glut32.dll a.1.5) searchency@bzivev.com\chrome\content\libs\winx86\zlib1.dll a.1.6) searchency@bzivev.com\chrome\content\libs\winx86\jpeg62.dll a.1.7) searchency@bzivev.com\chrome\content\libs\winx86\libtiff3.dll a.1.8) searchency@bzivev.com\chrome\content\libs\winx86 a.1.9) searchency@bzivev.com\chrome\content\libs a.2) At May,1 2014 we plan to avoid using the JQuery library, so we plan to rid next files off the plugin: a.2.1) searchency@bzivev.com\chrome\content\jquery.min.js a.2.2) searchency@bzivev.com\chrome\content\jquery.knob.js a.2.3) searchency@bzivev.com\chrome\content\jquery-ui.js a.2.4) searchency@bzivev.com\chrome\content\jquery.formstyler.js b) MIME types the same c) Description the same d) Version variations planned d.1) Version 1.1 at May, 1 2014 d.2) Version 1.5 at June, 1 2014 Are there any known security issues in current or older versions of the plugin? Regarding the facts listed below here are no security issues in the Searchency plugin: a) JavaScript code doesn't use here eval JavaScript function calls b) Clientside WebP convertor library is about native Google sources had been rebuilt c) Clientside WebP convertor library uses libssp-0 stack-smash protection library
Assignee | ||
Comment 1•11 years ago
|
||
You seem to be talking about a specific application of the Java plugin. We are only accepting plugin whitelist requests from plugin vendors, and Java is not a candidate for the whitelist.
Status: UNCONFIRMED → RESOLVED
Closed: 11 years ago
Resolution: --- → INVALID
Reporter | ||
Comment 2•11 years ago
|
||
Greetings, I'm presenting the vendor company of the Plugin. I'm sorry but it’s not too clear for me, what is your note about Java nature of the plugin is based on. The Plugin used only technologies on plugin development are JavaScript-based scripts and js-ctypes libraries binding. Please confirm that you are referring specifically to my plugin, not the other one. Please let me know is something wrong with the Plugin. Thank you, Best regards, CEO Maksim Rudzenka
Assignee | ||
Comment 3•11 years ago
|
||
This whitelist is about NPAPI plugins only, and has nothing to do with javascript or ctypes.
Reporter | ||
Comment 4•11 years ago
|
||
Greetings, Please let me know is it right own-developed XPI Firefox extension would not be blocked on terms of Mozilla Click-to-Activate Policy? Thank you, Best regards, CEO Maksim Rudzenka
Assignee | ||
Comment 5•11 years ago
|
||
The plugin policy has nothing to do with extensions.
Updated•9 years ago
|
Product: Firefox → Firefox Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•