[Tickets #9552] Security issue
bugs at horde.org
bugs at horde.org
Sat Jan 29 11:44:47 UTC 2011
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/9552
------------------------------------------------------------------------------
Ticket | 9552
Created By | agullo at ati.es
Summary | Security issue
Queue | IMP
Version | 4.2
Type | Bug
State | Unconfirmed
Priority | 3. High
Milestone |
Patch |
Owners |
+New Attachment | Message_Source.txt
------------------------------------------------------------------------------
agullo at ati.es (2011-01-29 06:44) wrote:
A few minutes ago I received this spam message. It seemed very
similar to the spam I receive usually, so I clicked on Delete... but
instead of being deleted, it just made the browser tab unusable.
Tested on Windows Vista Ultimate Service Pack 2, with the following browsers:
-Google Chrome: IMP tab becomes unusable, all links rendered
ineffectual. The only escape is to use the Horde menu if you have it,
or hit the browser "Back" button.
-Internet Explorer: Cannot use it. Keeps telling me that my browser
has changed since the start of my session, so I must log in again...
and again.. and again... despite already having logged out in every
browser.
-Mozilla Firefox: IMP tab becomes unusable, no matter where I click it
opens a tab to the spam website - not even Log out works. The only
escape is to use the Horde menu if you have it, or hit the browser
"Back" button. Having "NoScript" and using it to block the webmail
doesn't prevent the issue from happening.
-Safari: IMP tab becomes unusable, no matter where I click it opens a
windows to the spam website - not even Log out works. The only escape
is to use the Horde menu if you have it, or hit the browser "Back"
button.
-Opera: The only one to work all right - the one which allowed me to
save the message source.
More information about the bugs
mailing list