« previous next »
Pages: [1]   Go Down

Author Topic: Intercept e-mail URL exploits in Firefox or Flock!  (Read 3559 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33903
  • malware fighter
Intercept e-mail URL exploits in Firefox or Flock!
« on: April 29, 2008, 09:27:14 PM »
[tweak.firefox] Intercept e-mail URL exploits
On the Internet you may come across mailto:/ links. These links automatically start up your standard e-mail program when you (would) link to it. However these mailto:/ link could have security leaks so whatever command can be executed (eg. a format of C: disk in dos!). In Firefox here exists an option that makes you a bit more secure against these potential dangerous mailto:/ links.
In the address bar you now give in: "about:config" (without "")
Then you look in filter for "warn-external", and then with the other side of the mouse you click "network.protocol-handler.warn-external.mailto" and click to change the value would become to read true. In this case you will get a warning with the full URL and you can cancel the dangerous command in time. You could follow a similar procedure for "network.protocol-handler.warn-external.news" so usenet programs are not started by default with a possibly dangerous command,

polonus
« Last Edit: April 29, 2008, 09:44:57 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Dwarden

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1793
  • Ideas, that's ocean without borders!
    • Bohemia Interactive
Re: Intercept e-mail URL exploits in Firefox or Flock!
« Reply #1 on: April 29, 2008, 09:58:47 PM »
btw these attached screenshots appear for me to be just mini previews ...

please use e.g. imageshack and IMG links ...
Logged
https://twitter.com/FoltynD , Tech. Community, Online Services & Distribution manager of Bohemia Interactive

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33903
  • malware fighter
Re: Intercept e-mail URL exploits in Firefox or Flock!
« Reply #2 on: April 30, 2008, 12:35:26 AM »
Hi Dwarden,

Here you go, click for enlargment,

pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89061
  • No support PMs thanks
Re: Intercept e-mail URL exploits in Firefox or Flock!
« Reply #3 on: April 30, 2008, 12:58:58 AM »
Hi polonus,
You seem to have another preference name there, network.protocol-handler.warn-external.file value = false.
That preference name it isn't in FF 2.0.0.14 is this a new value in a later beta version ?

I would have though that you would have set that to True also as running an external file would seem to pose a greater risk ?
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »