CVE-2009-3049
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
80.8%
Opera before 10.00 does not properly display all characters in Internationalized Domain Names (IDN) in the address bar, which allows remote attackers to spoof URLs and conduct phishing attacks, related to Unicode and Punycode.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| opera | opera_browser | * | cpe:2.3:a:opera:opera_browser:*:beta_3:*:*:*:*:*:* |
| opera | opera_browser | 7.0 | cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:* |
| opera | opera_browser | 7.23 | cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:* |
| opera | opera_browser | 7.53 | cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:* |
| opera | opera_browser | 7.54 | cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:* |
| opera | opera_browser | 7.60 | cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:* |
| opera | opera_browser | 8.0 | cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:* |
| opera | opera_browser | 8.01 | cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:* |
| opera | opera_browser | 8.02 | cpe:2.3:a:opera:opera_browser:8.02:*:*:*:*:*:*:* |
| opera | opera_browser | 8.50 | cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:* |
References
www.opera.com/docs/changelogs/freebsd/1000/
www.opera.com/docs/changelogs/linux/1000/
www.opera.com/docs/changelogs/mac/1000/
www.opera.com/docs/changelogs/solaris/1000/
www.opera.com/docs/changelogs/windows/1000/
www.opera.com/support/kb/view/932/
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6235
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
Percentile
80.8%