5

CVE-2004-0872

Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OperaOpera Browser Version7.51
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.73% 0.842
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-669 Incorrect Resource Transfer Between Spheres

The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.

http://securityfocus.com/archive/1/375407
Third Party Advisory
Vendor Advisory
Broken Link
VDB Entry
http://www.westpoint.ltd.uk/advisories/wp-04-0001.txt
Vendor Advisory
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/17417
Third Party Advisory
VDB Entry
http://securitytracker.com/id?1011329
Third Party Advisory
Broken Link
VDB Entry