Vulnerabilities > CVE-2004-0537 - Unspecified vulnerability in Opera Browser
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.
Vulnerable Configurations
Nessus
NASL family | Windows |
NASL id | OPERA_FAVICON_ADDRESS_BAR_SPOOFING.NASL |
description | The version of Opera is vulnerable to a security weakness that may permit malicious web pages to spoof address bar information. It is reported that the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 14245 |
published | 2004-08-10 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/14245 |
title | Opera < 7.51 favicon.ico Address Bar Spoofing |
code |
|
References
- http://www.securityfocus.com/bid/10452
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022263.html
- http://security.greymagic.com/security/advisories/gm007-op/
- http://www.opera.com/linux/changelogs/751/index.dml
- http://osvdb.org/6590
- http://secunia.com/advisories/11762
- http://marc.info/?l=bugtraq&m=108627581717738&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16307