CVE-2008-2716

Published Jun 16, 2008

Last updated 3 years ago

CVSS info 5.0

Overview

Description: Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-1021

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BA98379-69F0-409C-BD52-A667DDF00F8C",
            "versionEndExcluding": "9.5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2008-2716
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00005.html
http://secunia.com/advisories/30636
http://secunia.com/advisories/30682
http://www.opera.com/docs/changelogs/linux/950/#security
http://www.opera.com/docs/changelogs/windows/950/#security
http://www.opera.com/support/search/view/885/
http://www.securityfocus.com/bid/29684
http://www.securitytracker.com/id?1020292
http://www.vupen.com/english/advisories/2008/1812
https://exchange.xforce.ibmcloud.com/vulnerabilities/43033

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References