CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
82.5%
Opera software reports:
Fixed a moderately severe issue; details will be
disclosed at a later date
Fixed an issue that could allow pages to set cookies
or communicate cross-site for some top level domains;
see our advisory
Improved handling of certificate revocation corner
cases
Added a fix for a weakness in the SSL v3.0 and TLS 1.0
specifications, as reported by Thai Duong and Juliano Rizzo;
see our advisory
Fixed an issue where the JavaScript “in” operator
allowed leakage of cross-domain information, as reported
by David Bloom; see our advisory