Closed Bug 601527 Opened 14 years ago Closed 14 years ago

CSS Exploit allows for Privacy Invasion

Categories

(Firefox :: Security, defect)

x86
Windows Vista
defect
Not set
critical

RESOLVED DUPLICATE of bug 147777

People

(Reporter: trappmanrhett, Unassigned)

Details

(Keywords: privacy)

Attachments

(1 file)

(deleted), application/x-javascript
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:2.0b6) Gecko/20100101 Firefox/4.0b6
Build Identifier: Mozilla/5.0 (Windows NT 6.0; rv:2.0b6) Gecko/20100101 Firefox/4.0b6

Please see attached "proof of concept".

Reproducible: Always

Attached file "Proof Of Concept" (deleted)
Version: unspecified → Trunk
What version of Firefox did you test this on?
4.0 Beta 6, but it also works on 3.X
Do you have a URL where the whole thing is hosted, or do I have to incorporate that JavaScript snippet into a site in order to test? This should have been fixed in 4.0 by bug 147777.
A working copy of Jeremiah Grossman's code is hosted on ha.ckers.org:
http://ha.ckers.org/weird/CSS-history-hack.html

The same technique is used for this gender test:
http://www.mikeonads.com/2008/07/13/using-your-browser-url-history-estimate-gender/

Neither example "works" in Firefox 4 due to the fix for bug 147777. Compare the results with Firefox 3.6 or any other browser.
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE