Vulnerabilities > CVE-2005-1139 - Unspecified vulnerability in Opera Browser 8.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | SuSE Local Security Checks |
| NASL id | SUSE_SA_2005_031.NASL |
| description | The remote host is missing the patch for the advisory SUSE-SA:2005:031 (opera). The commercial web browser Opera has been updated to the 8.0 version, fixing all currently known security problems, including: - CVE-2005-0235: IDN cloaking / homograph attack allows easy spoofing of domain names. - CVE-2005-0456: Opera did not validate base64 encoded binary in data: URLs correctly. - CVE-2005-1139: Opera showed the Organizational Information of SSL certificates which could be easily spoofed and be used for phishing attacks. A full Changelog can be found on: http://www.opera.com/linux/changelogs/800/ |
| last seen | 2019-10-28 |
| modified | 2005-07-20 |
| plugin id | 19240 |
| published | 2005-07-20 |
| reporter | This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/19240 |
| title | SUSE-SA:2005:031: opera |