X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Firefox replaced data on uploaded files with user information

Kuphostiwe

I used firefox to upload a 7z file into a website. Some time later I was reported the 7z file was returning CRC errors when decompressing. After downloading it from the website and comparing it against the original 7z (raw byte comparison) file I discovered a large section of the file, near the bottom, was replaced.

However the worst part is not that the file was corrupted but that the data inserted on the file contains user information. On thie section I found several strings matching all sorts of things:

  • URLs I have recently visited
  • Search bar history (searches I have recently done on google)
  • Login details saved on my firefox
  • part of pages I have recently visited

Is this a known issue? This is a big deal for me and I will stop using firefox until this is fixed.

I am using 60.0.1 (64-bit) over win8.1.

I used firefox to upload a 7z file into a website. Some time later I was reported the 7z file was returning CRC errors when decompressing. After downloading it from the website and comparing it against the original 7z (raw byte comparison) file I discovered a large section of the file, near the bottom, was replaced. However the worst part is not that the file was corrupted but that the data inserted on the file contains user information. On thie section I found several strings matching all sorts of things: * URLs I have recently visited * Search bar history (searches I have recently done on google) * Login details saved on my firefox * part of pages I have recently visited Is this a known issue? This is a big deal for me and I will stop using firefox until this is fixed. I am using 60.0.1 (64-bit) over win8.1.

Eminye Imininingwane Yohlelo

Fakela amapulagi

  • Shockwave Flash 29.0 r0

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0

Eminye Imininingwane

FredMcD
  • Top 10 Contributor
4246 izisombululo 59404 izimpendulo
Kuphostiwe

Impendulo Ewusizo

Any browser would only upload/download a file without making any changes.

You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no

Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.

Any browser would only upload/download a file without making any changes. You may have ad/mal-ware. Further information can be found in this article; https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no Run most or all of the listed malware scanners. Each works differently. If one program misses something, another may pick it up.

Umnikazi wombuzo

Antivirus has been always up to date on my system. I have been trying to figure out what is the problem but firefox continues to do it every now an then. Unfortunately I cannot install malware scanners, this is a corporate PC.

Thanks for the help anyway. I was great using firefox for about 12 years.

Antivirus has been always up to date on my system. I have been trying to figure out what is the problem but firefox continues to do it every now an then. Unfortunately I cannot install malware scanners, this is a corporate PC. Thanks for the help anyway. I was great using firefox for about 12 years.
FredMcD
  • Top 10 Contributor
4246 izisombululo 59404 izimpendulo
Kuphostiwe

Notify your boss And your IT that you found a security breach.

Notify your boss '''And''' your IT that you found a security breach.
jscher2000
  • Top 10 Contributor
8695 izisombululo 71066 izimpendulo
Kuphostiwe

I suggest filing a bug and seeing whether anyone can reproduce the issue with one of your problem files. If there are characters or codes in the file that cause Firefox to read beyond its expected end or to substitute other data from your hard drive or memory, that needs to be fixed. You might want to mark it security sensitive.

https://bugzilla.mozilla.org/

I suggest filing a bug and seeing whether anyone can reproduce the issue with one of your problem files. If there are characters or codes in the file that cause Firefox to read beyond its expected end or to substitute other data from your hard drive or memory, that needs to be fixed. You might want to mark it security sensitive. https://bugzilla.mozilla.org/