I sent the following to the security list at 4:02 PM EST. I rate it a “critical” security vulnerability due to the harm it can inflict. This vulnerability is found in all Mozilla products to date (including nightlies).
Overview
Apparently Firefox has been making sexual advances towards Roomba’s (as seen on slashdot 02/05/2005), causing them to lock themselves in rooms in order to avoid being molested by the otherwise innocent looking Mozilla Products. Similar problems have been reported with other electronic devices: Toasters, VCR’s, Cell Phones, Alarm Clocks, Rosie the maid from the Jetsons, Johnny 5, R2D2, and Al Gore. I suspect people with pacemakers may be at risk, but I have yet to find any direct evidence or testimony.Analysis
The vulnerability seems to be in nsISEXUALadvance, though libPr0n may also be problematic. There are actually 3 distinct problems with nsISEXUALadvance:
- Doesn’t check to see if object.sexualDesire is of the same platform type
- Doesn’t check to see if object.sexualDesire is >= age Of Consent
- Doesn’t check to see if object.sexualAdvanceCount <= 1
I have yet to find if libPr0n has any influence on this bug. There is some research that suggests it many influence this behavior, though some ideological bias may be influencing that conclusion.
Products Effected
This vulnerability effects all Mozilla products tested.Recommendation
I’d suggest this block Firefox 1.1, as well as Mozilla 1.8b until it’s resolved.Provided and/or discovered by:
Robert Accettura Feb 5, 2005Etc.:
This fufills a statement that I gave Asa over IRC that I could beat some of the other goofy stuff that comes in to security@mozilla.org.