Vulnerabilities > CVE-2005-0235 - Unspecified vulnerability in Opera Browser

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
opera
nessus

Summary

The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2005_031.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2005:031 (opera). The commercial web browser Opera has been updated to the 8.0 version, fixing all currently known security problems, including: - CVE-2005-0235: IDN cloaking / homograph attack allows easy spoofing of domain names. - CVE-2005-0456: Opera did not validate base64 encoded binary in data: URLs correctly. - CVE-2005-1139: Opera showed the Organizational Information of SSL certificates which could be easily spoofed and be used for phishing attacks. A full Changelog can be found on: http://www.opera.com/linux/changelogs/800/
    last seen2019-10-28
    modified2005-07-20
    plugin id19240
    published2005-07-20
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/19240
    titleSUSE-SA:2005:031: opera
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2005-003.NASL
    descriptionThe remote host is missing Security Update 2005-003. This security update contains security fixes for the following applications : - AFP Server - Bluetooth Setup Assistant - Core Foundation - Cyrus IMAP - Cyrus SASL - Folder Permissions - Mailman - Safari These programs have multiple vulnerabilities which may allow a remote attacker to execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id17587
    published2005-03-21
    reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/17587
    titleMac OS X Multiple Vulnerabilities (Security Update 2005-003)