CVE-2005-2273

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 13-07-2005 06:00

Last modified: - 28-02-2022 05:34

Total changes: - 2

Description

Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:N/I:P/A:N

High

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

2.6

Base score

4.9

2.9

Exploitability score

Impact score

Verification logic

vendor=opera AND product=opera_browser AND versionStartIncluding=7.00 AND versionEndExcluding=8.01

Reference

http://secunia.com/multiple_browsers_dialog_origin_vulnerability_test/
http://secunia.com/secunia_research/2005-8/
15488-Not Applicable

Keywords

CVE-2005-2273

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2005-2273

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures