BugTraq
[CAL-2012-0015] opera website spoof Jun 14 2012 10:48AM
Code Audit Labs (vulnhunt gmail com) (1 replies)
Re: [CAL-2012-0015] opera website spoof Jun 17 2012 12:05AM
Code Audit Labs (vulnhunt gmail com)
thank cve assign a cve id: CVE-2012-3560 to this.

ÓÚ 2012/6/14 18:48, Code Audit Labs дµÀ:
> CAL-2012-0015 opera website spoof
>
>
> CVE ID: Opera did not assign ,please cve (at) mitre (dot) org [email concealed] assign
> CAL ID: CAL-2012-0015
> ref:
> http://blog.vulnhunt.com/index.php/2012/06/14/cal-2012-0015-opera-websit
e-spoof/
>
>
> 1 Affected Products
> =================
> 11.61 and prior
>
>
> 2 Vulnerability Details
> =====================
>
> Code Audit Labs http://www.vulnhunt.com has discovered a website
> spoof vulnerability in Opera .When a user types a new URL for the
> browser to load, the currently active page may detect when the
> new page is about to load and prevent the navigation, while still
> leaving the new URL displayed in the address bar. This can then be
> used to spoof the URL of the target page. The malicious page would
> need to employ social engineering tactics in order to guess what
> page the user is likely to try to load next, as it cannot see what
> URL the user has typed.
>
>
> 3: how to fixed
> ==========
> Opera Software has released Opera 12 and Opera 11.65,
> where this issue has been fixed.
> http://www.opera.com/support/kb/view/1022/
>
>
> 4 About Code Audit Labs:
> =====================
> Code Audit Labs secure your software,provide Professional include source
> code audit and binary code audit service.
> Code Audit Labs:¡± You create value for customer,We protect your value¡±
>
> http://www.VulnHunt.com
> http://blog.Vulnhunt.com
> http://t.qq.com/vulnhunt
> http://weibo.com/vulnhunt
> https://twitter.com/vulnhunt
>

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus