Flaw in Firefox 3.0: protocol-handler.warn-external are ignored

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1052686 漏洞类型
发布时间 2008-06-19 更新时间 2008-06-19
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2008060057
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
these protocol-handler security settings are ignored although they're
set to 'true' and no warnings are shown:

network.protocol-handler.warn-external.mailto
network.protocol-handler.warn-external.news
network.protocol-handler.warn-external.nntp
network.protocol-handler.warn-external.snews
(in about:config)

For example,
I set network.protocol-handler.warn-external.mailto to 'true', clicked
on an e-mail link and Windows Mail is launched without any warnings
(tested on Firefox 3.0 on Windows Vista SP1)