5

CVE-2008-2716

Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OperaOpera Browser Version < 9.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.98% 0.855
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
CWE-1021 Improper Restriction of Rendered UI Layers or Frames

The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain.

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00005.html
Third Party Advisory
http://secunia.com/advisories/30636
Broken Link
http://secunia.com/advisories/30682
Broken Link
http://www.opera.com/docs/changelogs/linux/950/#security
Vendor Advisory
Broken Link
http://www.opera.com/docs/changelogs/windows/950/#security
Vendor Advisory
Broken Link
http://www.securityfocus.com/bid/29684
Patch
Third Party Advisory
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2008/1812
Broken Link
http://www.opera.com/support/search/view/885/
Vendor Advisory
Broken Link
http://www.securitytracker.com/id?1020292
Third Party Advisory
Broken Link
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43033
Third Party Advisory
VDB Entry