Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4195

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-4195
Last Modified 08 Jun 2012 12:00:00
Published 27 Sep 2008 06:30:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4195

Summary

Opera before 9.52 does not properly restrict the ability of a framed web page to change the address associated with a different frame, which allows remote attackers to trigger the display of an arbitrary address in a frame via unspecified use of web script.

Vulnerable Systems

Application

  • Opera Browser 5.0

  • Opera Browser 5.02

  • Opera Browser 5.10

  • Opera Browser 5.11

  • Opera Browser 5.12

  • Opera Browser 6.0

  • Opera Browser 6.01

  • Opera Browser 6.02

  • Opera Browser 6.03

  • Opera Browser 6.04

  • Opera Browser 6.05

  • Opera Browser 6.06

  • Opera Browser 6.1

  • Opera Browser 6.11

  • Opera Browser 6.12

  • Opera Browser 7.0

  • Opera Browser 7.01

  • Opera Browser 7.02

  • Opera Browser 7.03

  • Opera Browser 7.10

  • Opera Browser 7.11

  • Opera Browser 7.20

  • Opera Browser 7.21

  • Opera Browser 7.22

  • Opera Browser 7.23

  • Opera Browser 7.50

  • Opera Browser 7.51

  • Opera Browser 7.52

  • Opera Browser 7.53

  • Opera Browser 7.54

  • Opera Browser 7.60

  • Opera Browser 8.0

  • Opera Browser 8.01

  • Opera Browser 8.02

  • Opera Browser 8.50

  • Opera Browser 8.51

  • Opera Browser 8.52

  • Opera Browser 8.53

  • Opera Browser 8.54

  • Opera Browser 9.0

  • Opera Browser 9.01

  • Opera Browser 9.02

  • Opera Browser 9.10

  • Opera Browser 9.12

  • Opera Browser 9.20

  • Opera Browser 9.21

  • Opera Browser 9.22

  • Opera Browser 9.23

  • Opera Browser 9.24

  • Opera Browser 9.25

  • Opera Browser 9.26

  • Opera Browser 9.27

  • Opera Browser 9.50

  • Opera Browser 9.51


References

CONFIRM - https://bugs.gentoo.org/show_bug.cgi?id=235298

XF - opera-frameaddress-spoofing(44549)

VUPEN - ADV-2008-2416

SECTRACK - 1020718

BID - 30768

CONFIRM - http://www.opera.com/support/search/view/893/

CONFIRM - http://www.opera.com/docs/changelogs/windows/952/

CONFIRM - http://www.opera.com/docs/changelogs/solaris/952/

CONFIRM - http://www.opera.com/docs/changelogs/mac/952/

CONFIRM - http://www.opera.com/docs/changelogs/linux/952/

CONFIRM - http://www.opera.com/docs/changelogs/freebsd/952/

MLIST - [oss-security] 20080923 Re: CVE request: Opera < 9.52 multiple vulnerabilities

MLIST - [oss-security] 20080919 CVE request: Opera < 9.52 multiple vulnerabilities

GENTOO - GLSA-200811-01

SECUNIA - 32538

SECUNIA - 31549


Last Updated: 27 May 2016 10:48:25