Описание
Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.
Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3331
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27449
- http://secunia.com/advisories/19480
- http://secunia.com/advisories/20897
- http://secunia.com/secunia_research/2006-49/advisory
- http://securityreason.com/securityalert/1177
- http://securitytracker.com/id?1016406
- http://www.novell.com/linux/security/advisories/2006_38_opera.html
- http://www.securityfocus.com/archive/1/438634/100/0/threaded
- http://www.securityfocus.com/bid/18692
- http://www.vupen.com/english/advisories/2006/2571
EPSS
Процентиль: 83%
0.0195
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.
EPSS
Процентиль: 83%
0.0195
Низкий