CVE-2009-3832

Опубликовано: 30 окт. 2009

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site.

Ссылки

http://secunia.com/advisories/37182
Broken Link
http://www.opera.com/docs/changelogs/windows/1001/
Broken Link
Vendor Advisory
http://www.opera.com/support/kb/view/940/
Broken Link
Vendor Advisory
http://www.osvdb.org/59359
Broken Link
http://www.securityfocus.com/bid/36850
Broken Link
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2009/3073
Broken Link
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54022
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384
Tool Signature
http://secunia.com/advisories/37182
Broken Link
http://www.opera.com/docs/changelogs/windows/1001/
Broken Link
Vendor Advisory
http://www.opera.com/support/kb/view/940/
Broken Link
Vendor Advisory
http://www.osvdb.org/59359
Broken Link
http://www.securityfocus.com/bid/36850
Broken Link
Patch
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2009/3073
Broken Link
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54022
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6384
Tool Signature

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия до 10.01 (исключая)

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01217

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

GHSA-vfqw-xwh7-w232

github

почти 4 года назад