ID CVE-2005-2273
Summary Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:opera_software:opera_web_browser:7.0:*:win32:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.0:*:win32:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.0.1:*:win32:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.0.1:*:win32:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.0.2:*:win32:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.0.2:*:win32:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.0.3:*:win32:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.0.3:*:win32:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.0_beta1:*:win32:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.0_beta1:*:win32:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.0_beta2:*:win32:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.0_beta2:*:win32:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.10:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.11:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.11:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.11b:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.11b:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.11j:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.11j:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.20:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.20:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.20_beta1_build2981:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.20_beta1_build2981:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.21:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.21:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.22:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.22:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.23:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.23:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.50:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.50:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.50b1:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.50b1:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.51:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.51:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.52:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.52:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.53:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.53:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:7.54:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:7.54:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:8.0_final_build_1095:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:8.0_final_build_1095:*:*:*:*:*:*:*
  • cpe:2.3:a:opera_software:opera_web_browser:8_beta_3:*:*:*:*:*:*:*
    cpe:2.3:a:opera_software:opera_web_browser:8_beta_3:*:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 05-09-2008 - 20:51)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:P/A:N
refmap via4
misc
secunia 15488
Last major update 05-09-2008 - 20:51
Published 13-07-2005 - 04:00
Back to Top