Bugraq ID: 35412
CVE ID:CVE-2009-2061
CVE-2009-2062
CVE-2009-2063
多个浏览器处理WEB代理重定向存在中间人攻击。
攻击者可以利用这个漏洞进行钓鱼攻击或获得敏感信息。不过要利用此漏洞,攻击者必须截获或控制网络通信,如通过中间人,DNS毒药等攻击。
如下浏览器受此漏洞影响:
Mozilla Firefox prior to 3.0.10
Apple Safari prior to 3.2.2
Opera prior to 9.25
Opera Software Opera Web Browser 8.51
Opera Software Opera Web Browser 8.50
Opera Software Opera Web Browser 8.0.2
Opera Software Opera Web Browser 8.0 2
Opera Software Opera Web Browser 8.0 1
Opera Software Opera Web Browser 8.0
Opera Software Opera Web Browser 7.54
Opera Software Opera Web Browser 7.53
Opera Software Opera Web Browser 7.52
Opera Software Opera Web Browser 7.51
Opera Software Opera Web Browser 7.50
Opera Software Opera Web Browser 7.23
Opera Software Opera Web Browser 7.22
Opera Software Opera Web Browser 7.21
Opera Software Opera Web Browser 7.20 Beta 1 build 2981
Opera Software Opera Web Browser 7.20
Opera Software Opera Web Browser 7.11 j
Opera Software Opera Web Browser 7.11 b
Opera Software Opera Web Browser 7.11
Opera Software Opera Web Browser 7.10
Opera Software Opera Web Browser 7.0 win32 Beta 2
Opera Software Opera Web Browser 7.0 win32 Beta 1
Opera Software Opera Web Browser 7.0 win32
Opera Software Opera Web Browser 7.0 3win32
Opera Software Opera Web Browser 7.0 2win32
Opera Software Opera Web Browser 7.0 1win32
Opera Software Opera Web Browser 6.10 linux
Opera Software Opera Web Browser 6.0.5 win32
Opera Software Opera Web Browser 6.0.4 win32
Opera Software Opera Web Browser 6.0.3 win32
Opera Software Opera Web Browser 6.0.3 linux
Opera Software Opera Web Browser 6.0.2 win32
Opera Software Opera Web Browser 6.0.2 linux
Opera Software Opera Web Browser 6.0.1 win32
Opera Software Opera Web Browser 6.0.1 linux
Opera Software Opera Web Browser 6.0.1
Opera Software Opera Web Browser 6.0 win32
Opera Software Opera Web Browser 6.0 6
Opera Software Opera Web Browser 6.0 .6win32
Opera Software Opera Web Browser 6.0
Opera Software Opera Web Browser 5.12 win32