Lucene search

PRIOn knowledge basePRION:CVE-2009-4071

HistoryNov 24, 2009 - 5:30 p.m.

Cross site scripting

2009-11-2417:30:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

70.8%

JSON

Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors.

CPENameOperatorVersion
opera_browsereq7.23
opera_browsereq9.02
opera_browsereq7.53
opera_browsereq8.50
opera_browserle10.10
opera_browsereq9.51
opera_browsereq10.00
opera_browsereq8.53
opera_browsereq9.12
opera_browsereq8.0

Name	Operator	Version
opera_browser	eq	7.23
opera_browser	eq	9.02
opera_browser	eq	7.53
opera_browser	eq	8.50
opera_browser	le	10.10
opera_browser	eq	9.51
opera_browser	eq	10.00
opera_browser	eq	8.53
opera_browser	eq	9.12
opera_browser	eq	8.0

Rows per page:

1-10 of 291

References

osvdb.org/60527

secunia.com/advisories/37469

www.opera.com/docs/changelogs/mac/1010/

www.opera.com/docs/changelogs/unix/1010/

www.opera.com/docs/changelogs/windows/1010/

www.opera.com/support/kb/view/941/

www.securityfocus.com/bid/37089

www.vupen.com/english/advisories/2009/3297

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6385

5.5 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

70.8%

JSON

Related for PRION:CVE-2009-4071