Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during blocked navigation, which makes it easier for remote attackers to conduct spoofing attacks by detecting and preventing attempts to load a different web page.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:41
Type | Values Removed | Values Added |
---|---|---|
References | () http://blog.vulnhunt.com/index.php/2012/06/14/cal-2012-0015-opera-website-spoof/ - | |
References | () http://www.opera.com/docs/changelogs/mac/1165/ - | |
References | () http://www.opera.com/docs/changelogs/mac/1200/ - | |
References | () http://www.opera.com/docs/changelogs/unix/1200/ - | |
References | () http://www.opera.com/docs/changelogs/windows/1200/ - | |
References | () http://www.opera.com/support/kb/view/1022/ - Vendor Advisory |
Information
Published : 2012-06-14 19:55
Updated : 2024-11-21 01:41
NVD link : CVE-2012-3560
Mitre link : CVE-2012-3560
CVE.ORG link : CVE-2012-3560
JSON object : View
Products Affected
opera
- opera_browser
CWE
CWE-264
Permissions, Privileges, and Access Controls