Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0537

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0537
Last Modified 05 Sep 2008 04:38:41
Published 06 Aug 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0537

Summary

Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.

Vulnerable Systems

Application

  • Opera Software Opera Web Browser 7.23

  • Opera Software Opera Web Browser 7.50


References

BID - 10452

CONFIRM - http://www.opera.com/linux/changelogs/751/index.dml

MISC - http://security.greymagic.com/security/advisories/gm007-op/

BUGTRAQ - 20040603 Phishing for Opera (GM#007-OP)

XF - opera-favicon-spoofing(16307)

SECUNIA - 11762

OSVDB - 6590


Last Updated: 27 May 2016 10:38:38