Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Windows >> Opera web browser address bar spoofing weakness


Vulnerability Assessment Details

Opera web browser address bar spoofing weakness

Vulnerability Assessment Summary
Acertains the version of Opera.exe

Detailed Explanation for this Vulnerability Assessment

The remote host is using Opera - an alternative web browser.

This version of Opera is vulnerable to a security weakness
that may permit malicious web pages to spoof address bar information.

This is reportedly possible through malicious use of the
JavaScript 'unOnload' event handler when the browser
is redirected to another page.

This issue could be exploited to spoof the domain of a malicious web page,
potentially causing the victim user to trust the spoofed domain.

Solution : Install Opera 7.50 or newer.
Network Security Threat Level: High

Networks Security ID: 10337

Vulnerability Assessment Copyright: This script is Copyright (C) 2004 David Maciejak

Cables, Connectors

Apple Display Video Cable OLD Macintosh Vintage ADB (qty 2, different types)
$6.0
Apple Display Video Cable OLD Macintosh Vintage ADB (qty 2, different types) pictureMagic Spin Internal CD-ROM Kit 52X NEW Windows 98 Apple IBM Compaq Vintage
$29.99
Magic Spin Internal CD-ROM Kit 52X NEW  Windows 98 Apple IBM Compaq Vintage  pictureVintage Apple Macintosh PowerBook 3400 Series Laptop Family Number M3553
$49.99
Vintage Apple Macintosh PowerBook 3400 Series Laptop Family Number M3553  pictureVintage Apple ImageWriter II - Powers On
$45.0
Vintage Apple ImageWriter II - Powers On picture


Discussions

No Discussions have been posted on this vulnerability.