Lucene search

[email protected]CVE-2004-0537

HistoryAug 06, 2004 - 4:00 a.m.

CVE-2004-0537

2004-08-0604:00:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

opera

web security

phishing

cve-2004-0537

favicon

nvd

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

Opera 7.50 and earlier allows remote web sites to provide a “Shortcut Icon” (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.

CPENameOperatorVersion
opera:opera_browseropera opera browserle7.50

CPE	Name	Operator	Version
opera:opera_browser	opera opera browser	le	7.50

References

lists.grok.org.uk/pipermail/full-disclosure/2004-June/022263.html

marc.info/?l=bugtraq&m=108627581717738&w=2

osvdb.org/6590

secunia.com/advisories/11762

security.greymagic.com/security/advisories/gm007-op/

www.opera.com/linux/changelogs/751/index.dml

www.securityfocus.com/bid/10452

exchange.xforce.ibmcloud.com/vulnerabilities/16307

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

Related for CVE-2004-0537

openvas2 nessus1