Lucene search

[email protected]CVE-2006-3331

HistoryJun 30, 2006 - 11:05 p.m.

CVE-2006-3331

2006-06-3023:05:00

[email protected]

web.nvd.nist.gov

cve-2006-3331

opera

ssl

security

bar

spoofing

vulnerability

phishing

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.1%

JSON

Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.

Affected configurations

NVD

Node

operaopera_browserRange<9.0

CPENameOperatorVersion
opera:opera_browseropera opera browserlt9.0

CPE	Name	Operator	Version
opera:opera_browser	opera opera browser	lt	9.0

References

secunia.com/advisories/19480

secunia.com/advisories/20897

secunia.com/secunia_research/2006-49/advisory/

securityreason.com/securityalert/1177

securitytracker.com/id?1016406

www.novell.com/linux/security/advisories/2006_38_opera.html

www.securityfocus.com/archive/1/438634/100/0/threaded

www.securityfocus.com/bid/18692

www.vupen.com/english/advisories/2006/2571

exchange.xforce.ibmcloud.com/vulnerabilities/27449

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

6.7 Medium

AI Score

Confidence

High

0.017 Low

EPSS

Percentile

88.1%

JSON

Related for CVE-2006-3331

cvelist1 nvd1 nessus2 suse1