Lucene search
Copyright (C) 2012 Greenbone AGOPENVAS:1361412562310802450HistorySep 03, 2012 - 12:00 a.m.
Opera Address Bar Spoofing Vulnerability - Windows
2012-09-0300:00:00
Copyright (C) 2012 Greenbone AG
plugins.openvas.org
3
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.3%
Opera is prone to address bar spoofing vulnerability.
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.802450");
script_version("2024-02-15T05:05:40+0000");
script_cve_id("CVE-2012-4010");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_tag(name:"last_modification", value:"2024-02-15 05:05:40 +0000 (Thu, 15 Feb 2024)");
script_tag(name:"creation_date", value:"2012-09-03 16:35:41 +0530 (Mon, 03 Sep 2012)");
script_name("Opera Address Bar Spoofing Vulnerability - Windows");
script_xref(name:"URL", value:"http://jvn.jp/en/jp/JVN69880570/index.html");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/55345");
script_xref(name:"URL", value:"http://www.opera.com/docs/changelogs/windows/1160/");
script_xref(name:"URL", value:"http://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000080.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("General");
script_dependencies("gb_opera_detect_portable_win.nasl");
script_mandatory_keys("Opera/Win/Version");
script_tag(name:"impact", value:"Successful exploitation will allow remote attackers to conduct phishing
attacks.");
script_tag(name:"affected", value:"Opera version prior to 11.60 on Windows");
script_tag(name:"insight", value:"The flaw is caused due an error in address bar, where certain characters
displayed in the address bar can be spoofed due to the difficulty in
determining that the URL displayed in the address bar and the URL being
accessed are different.");
script_tag(name:"solution", value:"Upgrade to Opera version 11.60 or later.");
script_tag(name:"summary", value:"Opera is prone to address bar spoofing vulnerability.");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
operaVer = get_kb_item("Opera/Win/Version");
if(!operaVer){
exit(0);
}
if(version_is_less(version:operaVer, test_version:"11.60")){
report = report_fixed_ver(installed_version:operaVer, fixed_version:"11.60");
security_message(port:0, data:report);
}
Related
openvas
openvas
Opera Address Bar Spoofing Vulnerability (Windows)
2012-09-03 00:00:00
Gentoo Security Advisory GLSA 201209-11 (opera)
2012-09-26 00:00:00
Gentoo Security Advisory GLSA 201209-11 (opera)
2012-09-26 00:00:00
jvn
jvn
JVN#69880570: Opera address bar spoofing vulnerability
2012-08-30 00:00:00
nvd
nvd
CVE-2012-4010
2012-08-30 17:55:02
prion
prion
Code injection
2012-08-30 17:55:00
cve
cve
CVE-2012-4010
2022-10-03 16:15:34
cvelist
cvelist
CVE-2012-4010
2022-10-03 16:15:34
nessus
nessus
GLSA-201209-11 : Opera: Multiple vulnerabilities
2012-09-26 00:00:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2012-09-25 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.4 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
59.3%
Related for OPENVAS:1361412562310802450