Closed Bug 249770 Opened 21 years ago Closed 21 years ago

Frame Injection Flaw regressed and is visible in 1.8a milestone

Categories

(SeaMonkey :: Bookmarks & History, defect)

Product:
SeaMonkey
Component:
Bookmarks & History
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 246448

People

(Reporter: smkatz, Assigned: p_ch)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a1) Gecko/20040520
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a1) Gecko/20040520

I tested Securina's test, and it worked perfectly on the 1.8a milestone despite
the fact that even Securina admits it only works up through 1.6, and users of
the forum say it was patched in 1.7

Reproducible: Didn't try
Steps to Reproduce:
1. Follow Securina's testcase


Actual Results:  
The test (described in the link provided) works, indicating a security
vulnerability. specifically, it injects content from the frontmost window into
another window with frames.

Expected Results:  
It seems to me this justifies a security warning. I see legitamete uses for
injecting content. Never in e-mail, and if done from one domain to the other it
should raise red flags.

Since this is public, I was not sure whether security applied, but am checking
it anyway.
>User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a1)
Gecko/20040520

1.8a1 is too old to contain the fix (it was released more than three weeks
before 1.7). this is fixed for alpha2 and in current nightly builds.

clearing security-sensitive flag, since the other bug is already public.

*** This bug has been marked as a duplicate of 246448 ***
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.