Bug 596743 - Firefox: DoS via email
Summary: Firefox: DoS via email
Status: CLOSED NOTABUG
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability   
Version: unspecified
Hardware: All
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL: http://translate.google.com/translate...
Whiteboard: impact=none,reported=20100522,public=...
Keywords: Security
Depends On:
Blocks:
Reported: 2010-05-27 12:31 UTC by Jan Lieskovsky
Modified: 2015-08-19 08:48 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-05-27 12:37:01 UTC

Description Jan Lieskovsky 2010-05-27 12:31:53 UTC
Security researcher, known under nickname "MustLive", reported:
  [1] http://www.securityfocus.com/archive/1/511327/100/0/threaded

a deficiency in the way Firefox processed web pages with embedded
images whose resource pointed to a URL that redirected to a "mailto:"
URL. If a local user was tricked into visiting such a web page,
it could lead to denial of service (excessive resource consumption
or crash).

References:
  [2] http://translate.google.com/translate?hl=en&u=http://websecurity.com.ua/4206/&sl=uk&tl=en
  [3] http://www.mozilla.org/security/announce/2010/mfsa2010-23.html

Public PoC:
  [4] http://websecurity.com.ua/uploads/2010/Firefox%20DoS%20Exploit.html

Comment 1 Jan Lieskovsky 2010-05-27 12:34:57 UTC
Official statement from Red Hat Security
Response Team, regarding this deficiency:
-----------------------------------------

Red Hat Security Response Team does not consider a user-assisted
denial of service (and potential crash) of an end-user application,
such as Firefox, to be a security issue.

