exploits , vulnerabilities , articles , Opera Web Browser Address Bar URI Spoofing Vulnerability

Title	Opera Web Browser Address Bar URI Spoofing Vulnerability
Published	2007-07-16-12:00AM
Updated	2007-08-28-11:02PM
Class	Design Error
CVE	CVE-2007-3819
Remote	Yes
Local	No
Credit	Robert Swiecki is credited with the discovery of this issue.
Vulnerable	S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux Standard Server 8.0 S.u.S.E. SuSE Linux School Server for i386 S.u.S.E. SUSE LINUX Retail Solution 8.0 S.u.S.E. SuSE Linux Openexchange Server 4.0 S.u.S.E. SUSE Linux Enterprise Server 9 SP3 S.u.S.E. SUSE Linux Enterprise Server 10 SP1 S.u.S.E. SUSE Linux Enterprise Server 10 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1 S.u.S.E. SUSE Linux Enterprise Desktop 10 S.u.S.E. SLE SDK 9 S.u.S.E. SLE SDK 10.SP1 S.u.S.E. SLE SDK 10 S.u.S.E. openSUSE 10.2 S.u.S.E. OpenEnterpriseServer 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 10.2 x86_64 S.u.S.E. Linux Professional 10.2 S.u.S.E. Linux Professional 10.1 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 10.2 x86_64 S.u.S.E. Linux Personal 10.2 S.u.S.E. Linux Personal 10.1 S.u.S.E. Linux Enterprise Server 8 S.u.S.E. Linux Enterprise Server 10.SP1 S.u.S.E. Linux Enterprise Server 10 Linux kernel 2.6.5 S.u.S.E. Linux Enterprise SDK 10 S.u.S.E. Linux Desktop 10 S.u.S.E. Linux 10.1 x8664 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x8664 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc Opera Software Opera Web Browser 9.21 Opera Software Opera Web Browser 9.20 beta1 Opera Software Opera Web Browser 9.20 Opera Software Opera Web Browser 9.10 Opera Software Opera Web Browser 9.02 Opera Software Opera Web Browser 9.01 Opera Software Opera Web Browser 9 Gentoo Linux
Not Vulnerable	Opera Software Opera Web Browser 9.22
Code	To exploit this issue, an attacker must entice an unsuspecting user to view a maliciously crafted web document.The following example exploit is available:http://alt.swiecki.net/oper1.html
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
• 2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
• 2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
• 2009-12-17 HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability
• 2009-12-17 IBM WebSphere Application Server Feature Pack for CEA Spoofing Vulnerability
• 2009-12-17 Digital Scribe Cross Site Scripting and SQL Injection Vulnerabilities
• 2009-12-17 WP-Forum WordPress Plugin Multiple SQL Injection Vulnerabilities
• 2009-12-17 Quick Heal AntiVirus Insecure Program File Permissions Local Privilege Escalation Vulnerability
• 2009-12-17 IntelliCom NetBiter webSCADA Multiple Default Password Security Bypass Vulnerabilities
• 2009-12-17 Webmatic Multiple Unspecified SQL Injection and Cross-Site Scripting Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Fri, 18 Dec 2009 11:11:04 +0000