CVE-2011-4690
Published Dec 7, 2011
Last updated 13 years ago
Overview
- Description
- Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30031BF-B34D-4508-A5AB-FB6C7388A864", "versionEndIncluding": "11.60" } ], "operator": "OR" } ] } ]