Popup ads bypassing popup settings

Just saw it again. The scamming website is ad.yieldmanager.com. Below is the source from the window that pops up, which actually looks like it contains a buffer overflow exploit (the long string of As?). There is no corresponding reference in the actual window that triggered the popup, so I'm not sure how it's being done there. However, that window does report that Firefox prevented a popup from opening?

<html><head><title>Live and work in the USA.</title></head><body style="margin-left: 0%; margin-right: 0%; margin-top: 0%; margin-bottom: 0%"><iframe scrolling="no" marginwidth="0" marginheight="0" frameborder="0" height="100%" width="100%" src="http://ad.yieldmanager.com/iframe3?YSAAAAlTAgBkvwEAOwMBAAAA.AEAAP8A.wD..wACAAIi.AEASxwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM-2.KczQ0gE57M-1IjPh732usnKi9G-AlDygYAAAAAA=,,http://shanenj.tripod.com/search0.html"></iframe></body></html>

Shannon,

Do you have an account at ad.yieldmanager.com I get redirected to https://my.yieldmanager.com/

or is there a page that serves ads from ad.yieldmanger.com

Thanks
David

It is obvious that the ads are being served by other HTTP servers. However, my Firefox settings are to block such popups, and these particular scammers have devised a new way to force the popups to appear regardless of my settings. I can't really say how often they succeed, but not very often. I haven't managed to find the relevant source on any page that seems to be the cause of the popup, so I guess hiding the source is part of the trick.

I can confirm that I've seen it on Windows, too, so it is really a Firefox bug of some kind.

Shanen,

Thanks for the additional information. Since I have not seen the issue and you have also seen it on a windows machine. Would you be interested in pushing this issue upstream to https://bugzilla.mozilla.org/enter_bug.cgi

Thanks
David

I'll confirm that it is very active at that Tripod website, and I've seen it in other places, too. Not sure about how to 'push it upstream', but I'll try. I've just been adding an entry in the hosts file on each computer that maps them to 127.0.0.1, and they seem to be the only company using this form of JavaScript abuse.

when I log into my mailaccount via webmail (www.gmx.de) FireFox opens a pop-up every time I type the first digits of my account-number.

The pop-up blocker is active and I did not define any rules for this site :-(

(Ubuntu 7.10 on a Athlon PC)

PS: Opera does a better job. The "block unwanted pop-ups" option blocks the mentionend pop-up ;-)
(same PC)

On Tue, Dec 25, 2007 at 10:55:11PM -0000, DE255 wrote:
> when I log into my mailaccount via webmail (www.gmx.de) FireFox opens a
> pop-up every time I type the first digits of my account-number.
>
> The pop-up blocker is active and I did not define any rules for this
> site :-(
>
> (Ubuntu 7.10 on a Athlon PC)
>

Do you know about a site that shows this problem _and_ doesn't require
a login?

Thanks,

 - Alexander

check out www.gmx.de

do not try to login - instead you click on the orange tab called "Themen". A pop-up will open.
The same problem without logging in...

I tried it on my Mac mini.
Same problem.
FireFox 2.0.11 / Mac OS X 10.4.11

On Tue, Jan 08, 2008 at 06:06:43PM -0000, DE255 wrote:
> check out www.gmx.de
>
> do not try to login - instead you click on the orange tab called "Themen". A pop-up will open.
> The same problem without logging in...
>

this doesn't happen to me. I guess its related to some extension you
have installed. Try to disable/uninstall them and see if the problem
disappears.

 status incomplete

Thanks,

 - Alexander

I never use extensions or plugins on any of my installations

did you try other tabs on the website?

On Tue, Jan 08, 2008 at 09:20:32PM -0000, DE255 wrote:
> I never use extensions or plugins on any of my installations
>
> did you try other tabs on the website?
>

just did ... no popups here.

 - Alexander

Is this still an issue for you? We are trying to sort out the older Mozilla issues and would like to know if this still happens. If this still happens please report a new bug using Help > Report a problem from Firefox menu and file it against firefox-3.0
.