CVE-2009-3832

Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site.

CVSS v2.0 5.8 MEDIUM

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:P

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/37182	Broken Link
http://www.opera.com/docs/changelogs/windows/1001/	Broken Link Vendor Advisory
http://www.opera.com/support/kb/view/940/	Broken Link Vendor Advisory
http://www.osvdb.org/59359	Broken Link
http://www.securityfocus.com/bid/36850	Broken Link Patch Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2009/3073	Broken Link Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54022	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384	Tool Signature

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

01 Mar 2022, 15:08

Type	Values Removed	Values Added
CPE	cpe:2.3:a:opera:opera_browser:7.54:::::::* cpe:2.3:a:opera:opera_browser:8.53:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0.1::win32::::: cpe:2.3:a:opera:opera_browser:8.50:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.6::win32::::: cpe:2.3:a:opera:opera_browser:10.00:beta_3:::::: cpe:2.3:a:opera_software:opera_web_browser:6.0.1:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0::win32::::: cpe:2.3:a:opera:opera_browser:8.02:::::::* cpe:2.3:a:opera:opera_browser:9.12:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.01:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.1::linux::::: cpe:2.3:a:opera:opera_browser:7.23:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.1.1:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.0b2:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.10:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.02:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.3::linux::::: cpe:2.3:a:opera:opera_browser:8.54:::::::* cpe:2.3:a:opera:opera_browser:9.21:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.0b3:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.10:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0.3::win32::::: cpe:2.3:a:opera_software:opera_web_browser:5.0.2:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.01:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.0tp:::::::* cpe:2.3:a:opera:opera_browser:9.01:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0b1:::::::* cpe:2.3:a:opera:opera_browser:8.01:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.0b4:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.12:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.0.2::win32::::: cpe:2.3:a:opera:opera_browser:9.51:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.10::win32::::: cpe:2.3:a:opera_software:opera_web_browser:7.0.2:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.1.0::win32::::: cpe:2.3:a:opera:opera_browser:9.20:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.1::win32::::: cpe:2.3:a:opera:opera_browser:9.64:::::::* cpe:2.3:a:opera_software:opera_web_browser:3.1:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0.2::win32::::: cpe:2.3:a:opera_software:opera_web_browser:3.6:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.0::mac::::: cpe:2.3:a:opera:opera_browser:9.02:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0_beta1::win32::::: cpe:2.3:a:opera:opera_browser:7.53:::::::* cpe:2.3:a:opera:opera_browser:9.22:::::::* cpe:2.3:a:opera:opera_browser:10:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.11:::::::* cpe:2.3:a:opera_software:opera_web_browser:3.6.1:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0::win32::::: cpe:2.3:a:opera_software:opera_web_browser:6.0.4::win32::::: cpe:2.3:a:opera_software:opera_web_browser:7.0.3:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.2::linux::::: cpe:2.3:a:opera_software:opera_web_browser:7.0_beta2::win32::::: cpe:2.3:a:opera_software:opera_web_browser:7.0_beta1:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.3::win32::::: cpe:2.3:a:opera_software:opera_web_browser:6.0.2::win32::::: cpe:2.3:a:opera_software:opera_web_browser:3.62:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.10::linux::::: cpe:2.3:a:opera_software:opera_web_browser:6.0.2:::::::* cpe:2.3:a:opera_software:opera_web_browser:3.6.2b:::::::* cpe:2.3:a:opera:opera_browser:8.51:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.10:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.6:::::::* cpe:2.3:a:opera:opera_browser:9.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0.1:::::::* cpe:2.3:a:opera_software:opera_web_browser:7.0_beta2:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.1.1::win32::::: cpe:2.3:a:opera:opera_browser:7.60:::::::* cpe:2.3:a:opera_software:opera_web_browser:3.5:::::::* cpe:2.3:a:opera_software:opera_web_browser:3.5.1:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.3:::::::* cpe:2.3:a:opera:opera_browser:7.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:3.0:::::::* cpe:2.3:a:opera:opera_browser:8.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.0b5:::::::* cpe:2.3:a:opera_software:opera_web_browser:3.2.1:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.4:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:4.0b6:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.5:::::::* cpe:2.3:a:opera:opera_browser:9.10:::::::* cpe:2.3:a:opera_software:opera_web_browser:5.11::win32::::: cpe:2.3:a:opera_software:opera_web_browser:5.0::linux::::: cpe:2.3:a:opera:opera_browser:8.52:::::::* cpe:2.3:a:opera:opera_browser:9.52:::::::* cpe:2.3:a:opera:brew_browser:6.0:sp1:::::: cpe:2.3:a:opera_software:opera_web_browser:5.02:::::::* cpe:2.3:a:opera_software:opera_web_browser:::::::: cpe:2.3:a:opera_software:opera_web_browser:5.12::win32::::: cpe:2.3:a:opera_software:opera_web_browser:5.1.0:::::::* cpe:2.3:a:opera_software:opera_web_browser:6.0.5::win32:::::
References	~~(VUPEN) http://www.vupen.com/english/advisories/2009/3073 - Patch, Vendor Advisory~~	(VUPEN) http://www.vupen.com/english/advisories/2009/3073 - Broken Link, Patch, Vendor Advisory
References	~~(BID) http://www.securityfocus.com/bid/36850 - Patch~~	(BID) http://www.securityfocus.com/bid/36850 - Broken Link, Patch, Third Party Advisory, VDB Entry
References	~~(OSVDB) http://www.osvdb.org/59359 -~~	(OSVDB) http://www.osvdb.org/59359 - Broken Link
References	~~(SECUNIA) http://secunia.com/advisories/37182 - Vendor Advisory~~	(SECUNIA) http://secunia.com/advisories/37182 - Broken Link
References	~~(CONFIRM) http://www.opera.com/docs/changelogs/windows/1001/ - Vendor Advisory~~	(CONFIRM) http://www.opera.com/docs/changelogs/windows/1001/ - Broken Link, Vendor Advisory
References	~~(CONFIRM) http://www.opera.com/support/kb/view/940/ - Vendor Advisory~~	(CONFIRM) http://www.opera.com/support/kb/view/940/ - Broken Link, Vendor Advisory
References	~~(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/54022 -~~	(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/54022 - Third Party Advisory, VDB Entry
References	~~(OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384 -~~	(OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384 - Tool Signature
CWE	~~CWE-20~~	CWE-601

Information

Published : 2009-10-30 20:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-3832

Mitre link : CVE-2009-3832

CVE.ORG link : CVE-2009-3832

JSON object : View

Products Affected

opera

opera_browser

microsoft

windows

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

5.8 /10