Vulnerability Name:

CVE-2007-3819 (CCN-35430)

Assigned: 2007-07-14
Published: 2007-07-14
Updated: 2018-10-15
Summary: Opera 9.21 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
CVSS v3 Severity: 4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:
Source: MISC
Type: UNKNOWN
http://alt.swiecki.net/oper1.html

Source: CCN
Type: Full-Disclosure Mailing List, Fri Jul 13 2007 - 18:50:49 CDT
Opera/Konqueror: data: URL scheme address bar spoofing

Source: MITRE
Type: CNA
CVE-2007-3819

Source: MITRE
Type: CNA
CVE-2007-3820

Source: OSVDB
Type: UNKNOWN
38122

Source: CCN
Type: RHSA-2007-0905
Moderate: kdebase security update

Source: CCN
Type: RHSA-2007-0909
Moderate: kdelibs security update

Source: CCN
Type: SA26074
Opera "data:" URI Scheme Address Bar Spoofing Vulnerability

Source: SECUNIA
Type: Vendor Advisory
26074

Source: CCN
Type: SA26091
Konqueror "data:" URI Scheme Address Bar Spoofing

Source: SECUNIA
Type: UNKNOWN
26545

Source: GENTOO
Type: UNKNOWN
GLSA-200708-17

Source: SREASON
Type: UNKNOWN
2891

Source: CCN
Type: SECTRACK ID: 1018396
KDE Konqueror `data:` URL Display Bug Lets Remote Users Spoof the Address Bar

Source: CCN
Type: SECTRACK ID: 1018397
Opera `data:` URL Display Bug Lets Remote Users Spoof the Address Bar

Source: CCN
Type: ASA-2007-413
kdebase security update (RHSA-2007-0905)

Source: CCN
Type: GLSA-200708-17
Opera: Multiple vulnerabilities

Source: CCN
Type: Konqueror Web site
Konqueror - Web Browser, File Manager - and more!

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:015

Source: CCN
Type: Opera Web site
Download Opera Web Browser

Source: CCN
Type: OSVDB ID: 37242
KDE Konqueror konqueror/konq_combo.cc data: URI Scheme Address Bar Spoofing

Source: CCN
Type: OSVDB ID: 38122
Opera Crafted data: URI Address Bar Spoofing

Source: BUGTRAQ
Type: UNKNOWN
20070713 Opera/Konqueror: data: URL scheme address bar spoofing

Source: BUGTRAQ
Type: UNKNOWN
20070716 Re: Opera/Konqueror: data: URL scheme address bar spoofing

Source: CCN
Type: BID-24912
KDE Konqueror Address Bar URI Spoofing Vulnerability

Source: BID
Type: UNKNOWN
24917

Source: CCN
Type: BID-24917
Opera Web Browser Address Bar URI Spoofing Vulnerability

Source: CCN
Type: BID-24918
RETIRED: Konqueror Web Browser Data: URL Scheme Address Bar Spoofing Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018397

Source: CCN
Type: USN-502-1
KDE vulnerabilities

Source: VUPEN
Type: UNKNOWN
ADV-2007-2537

Source: XF
Type: UNKNOWN
opera-konqueror-addressbar-spoofing(35430)

Source: SUSE
Type: SUSE-SR:2007:015
SUSE Security Summary Report

Vulnerable Configuration: Configuration 1:
  • cpe:/a:opera:opera_browser:9.21:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20073819 | V | CVE-2007-3819 | 2015-11-16
    opera opera browser 9.21