CVE-2004-0872

Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
References
Link Resource
http://securityfocus.com/archive/1/375407 Broken Link Third Party Advisory VDB Entry Vendor Advisory
http://securitytracker.com/id?1011329 Broken Link Third Party Advisory VDB Entry
http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt Broken Link Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17417 Third Party Advisory VDB Entry
http://securityfocus.com/archive/1/375407 Broken Link Third Party Advisory VDB Entry Vendor Advisory
http://securitytracker.com/id?1011329 Broken Link Third Party Advisory VDB Entry
http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt Broken Link Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17417 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:*

History

20 Nov 2024, 23:49

Type Values Removed Values Added
References () http://securityfocus.com/archive/1/375407 - Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory () http://securityfocus.com/archive/1/375407 - Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory
References () http://securitytracker.com/id?1011329 - Broken Link, Third Party Advisory, VDB Entry () http://securitytracker.com/id?1011329 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt - Broken Link, Vendor Advisory () http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt - Broken Link, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/17417 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/17417 - Third Party Advisory, VDB Entry

28 Feb 2022, 17:35

Type Values Removed Values Added
References (BUGTRAQ) http://securityfocus.com/archive/1/375407 - Vendor Advisory (BUGTRAQ) http://securityfocus.com/archive/1/375407 - Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory
References (MISC) http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt - Vendor Advisory (MISC) http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt - Broken Link, Vendor Advisory
References (SECTRACK) http://securitytracker.com/id?1011329 - (SECTRACK) http://securitytracker.com/id?1011329 - Broken Link, Third Party Advisory, VDB Entry
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/17417 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/17417 - Third Party Advisory, VDB Entry
CPE cpe:2.3:a:opera_software:opera_web_browser:7.51:*:*:*:*:*:*:* cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:*
CWE NVD-CWE-Other CWE-669

Information

Published : 2004-09-16 04:00

Updated : 2024-11-20 23:49


NVD link : CVE-2004-0872

Mitre link : CVE-2004-0872

CVE.ORG link : CVE-2004-0872


JSON object : View

Products Affected

opera

  • opera_browser
CWE
CWE-669

Incorrect Resource Transfer Between Spheres