Описание
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document.
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-4043
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12208
- http://secunia.com/advisories/41740
- http://securitytracker.com/id?1024570
- http://www.opera.com/docs/changelogs/mac/1063
- http://www.opera.com/docs/changelogs/unix/1063
- http://www.opera.com/docs/changelogs/windows/1063
- http://www.opera.com/support/kb/view/971
EPSS
Процентиль: 76%
0.00917
Низкий
CVE ID
Связанные уязвимости
nvd
больше 15 лет назад
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document.
EPSS
Процентиль: 76%
0.00917
Низкий