Search...

Scripts can overwrite functions on pages from other domains

2007-10-16T00:00:00

ID OPERA:867
Type opera
Reporter Opera
Modified 2007-10-16T00:00:00

Description

When accesing frames from different Web sites, specially crafted scripts can bypass the same-origin policy, and overwrite functions from those frames. If scripts on the page then run those functions, this can cause the script of the attacker's choice to run in the context of the target Web site.

JSON Vulners Source

Initial Source

{"bulletinFamily": "software", "id": "OPERA:867", "title": "Scripts can overwrite functions on pages from other domains", "enchantments": {"score": {"value": 3.0, "vector": "NONE", "modified": "2016-09-04T11:14:56", "rev": 2}, "dependencies": {"references": [], "modified": "2016-09-04T11:14:56", "rev": 2}, "vulnersScore": 3.0}, "description": "When accesing frames from different Web sites, specially crafted scripts can bypass the same-origin policy, and overwrite functions from those frames. If scripts on the page then run those functions, this can cause the script of the attacker's choice to run in the context of the target Web site.", "cvelist": [], "viewCount": 1, "published": "2007-10-16T00:00:00", "href": "http://www.opera.com/security/advisory/867", "references": [], "edition": 1, "cvss": {"score": 0.0, "vector": "NONE"}, "affectedSoftware": [{"version": "9.24", "name": "Opera", "operator": "lt"}], "reporter": "Opera", "modified": "2007-10-16T00:00:00", "lastseen": "2016-09-04T11:14:56", "type": "opera"}