Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0872


Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0872
Last Modified 05 Sep 2008 04:39:38
Published 16 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."

Vulnerable Systems


  • Opera Software Opera Web Browser 7.51



BUGTRAQ - 20040916 wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities

XF - web-browser-cookie-session-hijack(17417)

SECTRACK - 1011329

Last Updated: 27 May 2016 10:38:47