- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200710-31 (Opera: Multiple vulnerabilities)
Michael A. Puls II discovered an unspecified flaw when launching external email or newsgroup clients (CVE-2007-5541). David Bloom discovered that when displaying frames from different websites, the same-origin policy is not correctly enforced (CVE-2007-5540).
Impact :
An attacker could potentially exploit the first vulnerability to execute arbitrary code with the privileges of the user running Opera by enticing a user to visit a specially crafted URL. Note that this vulnerability requires an external e-mail or newsgroup client configured in Opera to be exploitable. The second vulnerability allows an attacker to execute arbitrary script code in a user's browser session in context of other sites or the theft of browser credentials.
Workaround :
There is no known workaround at this time for all these vulnerabilities.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top