New issue
Advanced search Search tips

Issue 867528 link

Starred by 1 user
Status: WontFix
Owner:
ellyjo...@chromium.org
Closed: Aug 23
Cc:
mac-bugs-priority@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 1
Type: Bug-Security
Team-Accessibility



Sign in to add a comment

Security: MacOS VoiceOver Crash

Reported by lsnmath...@gmail.com, Jul 25 
VULNERABILITY DETAILS

After activating VoiceOver on macOS High Sierra 10.13.5, clicking and dragging links from pages to the URL area crashes Chrome. This could be abused and is harmful to accessibility users.

Reproduction:
1. Activate screen reader and deactivate again.
2. Try to drag a link from a page to the tabs at the top.
3. Chrome crashes.

VERSION

Chrome Version: [69.0.3493.3 dev]
Operating System: mac-OS High Sierra 10.13.5

REPRODUCTION CASE

Attached HTML file demonstrating bug.

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION

Type of crash: Browser
Client ID (if relevant): d5fca349f87ddd01
bugreport.html
163 bytes View Download

Comment 1 by mbarbe...@chromium.org, Jul 26

Components: UI>Accessibility
Labels: Security_Severity-Medium Security_Impact-Stable OS-Mac
Owner: dmazz...@chromium.org
Status: Assigned (was: Unconfirmed)
dmazzoni: Any idea who a good owner for this would be? Feel free to pass it back to me if not and I'll try to find someone else.
Project Member

Comment 2 by sheriffbot@chromium.org, Jul 27

Labels: M-68 Target-68
Project Member

Comment 3 by sheriffbot@chromium.org, Jul 27

Labels: Pri-1
Project Member

Comment 4 by sheriffbot@chromium.org, Aug 9 

dmazzoni: Uh oh! This issue still open and hasn't been updated in the last 14 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers?

If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one?

If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by dmazz...@chromium.org, Aug 17

Labels: Proj-MacViews
Owner: ellyjo...@chromium.org
I can't repro, but it sounds like this might be a MacViews bug. Hopefully one already fixed?
Project Member

Comment 6 by sheriffbot@chromium.org, Aug 23 

ellyjones: Uh oh! This issue still open and hasn't been updated in the last 28 days. This is a serious vulnerability, and we want to ensure that there's progress. Could you please leave an update with the current status and any potential blockers?

If you're not the right owner for this issue, could you please remove yourself as soon as possible or help us find the right one?

If the issue is fixed or you can't reproduce it, please close the bug. If you've started working on a fix, please set the status to Started.

Thanks for your time! To disable nags, add the Disable-Nags label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 7 by ellyjo...@chromium.org, Aug 23

Status: WontFix (was: Assigned)
We only ever received three crashes, all of them on 69.0.3493.3, which we've rolled pretty far past by now. I'm gonna call this obsolete.
Project Member

Comment 8 by sheriffbot@chromium.org, Nov 29

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment