Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5276

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5276
Last Modified 15 Nov 2008 02:00:27
Published 08 Oct 2007 07:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5276

Summary

Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80.

Vulnerable Systems

Application

  • Opera Software Opera Web Browser 9


References

OSVDB - 45526

MISC - http://crypto.stanford.edu/dns/dns-rebinding.pdf


Last Updated: 27 May 2016 10:46:08