Back to search
CVE-2008-4200
Published: Sep 27, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2008-2416
vdb-entry
x_refsource_VUPEN
32538
third-party-advisory
x_refsource_SECUNIA
http://www.opera.com/docs/changelogs/mac/952/
x_refsource_CONFIRM
http://www.opera.com/docs/changelogs/solaris/952/
x_refsource_CONFIRM
1020723
vdb-entry
x_refsource_SECTRACK
opera-newsfeed-weak-security(44559)
vdb-entry
x_refsource_XF
30768
vdb-entry
x_refsource_BID
http://www.opera.com/docs/changelogs/windows/952/
x_refsource_CONFIRM
http://www.opera.com/docs/changelogs/linux/952/
x_refsource_CONFIRM
[oss-security] 20080923 Re: CVE request: Opera < 9.52 multiple vulnerabilities
mailing-list
x_refsource_MLIST
[oss-security] 20080919 CVE request: Opera < 9.52 multiple vulnerabilities
mailing-list
x_refsource_MLIST
31549
third-party-advisory
x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=235298
x_refsource_CONFIRM
http://www.opera.com/docs/changelogs/freebsd/952/
x_refsource_CONFIRM
http://www.opera.com/support/search/view/897/
x_refsource_CONFIRM
GLSA-200811-01
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now