CVE-2005-1669
CVSS6.8
发布时间 :2005-06-16 00:00:00
修订时间 :2008-09-05 16:49:45
NMCOS    

[原文]Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains.


[CNNVD]Opera 8.0 Final Build 1 跨站脚本攻击漏洞(CNNVD-200506-169)

        Opera 8.0 Final Build 1095浏览器中存在跨站脚本攻击(XSS)漏洞,在打开新窗口或窗体时,远程攻击者可借助"javascript:" URL注入任意Web脚本或HTML,从而绕过对其它域名的访问限制并对其执行非授权操作。

- CVSS (基础分值)

CVSS分值: 6.8 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1669
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1669
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200506-169
(官方数据源) CNNVD

- 其它链接及资源

http://secunia.com/secunia_research/2005-5/advisory/
(VENDOR_ADVISORY)  MISC  http://secunia.com/secunia_research/2005-5/advisory/
http://secunia.com/advisories/15411
(VENDOR_ADVISORY)  SECUNIA  15411

- 漏洞信息

Opera 8.0 Final Build 1 跨站脚本攻击漏洞
中危 跨站脚本
2005-06-16 00:00:00 2005-10-20 00:00:00
远程  
        Opera 8.0 Final Build 1095浏览器中存在跨站脚本攻击(XSS)漏洞,在打开新窗口或窗体时,远程攻击者可借助"javascript:" URL注入任意Web脚本或HTML,从而绕过对其它域名的访问限制并对其执行非授权操作。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        Opera Software Opera Web Browser 8.0
        Opera Software Opera 8.01
        http://www.opera.com/download/

- 漏洞信息

17543
Opera javascript: URL XSS
Remote / Network Access Input Manipulation
Loss of Confidentiality, Loss of Integrity
Exploit Public Vendor Verified

- 漏洞描述

Opera contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not restrict the privileges of "javascript:" URLs when opened in new windows or frames. This could allow a user to create specially crafted HTML that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity or confidentiality.

- 时间线

2005-06-16 Unknow
2005-06-16 Unknow

- 解决方案

Upgrade to version 8.01 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Opera Web Browser Cross-Site Scripting Local File Disclosure Vulnerability
Input Validation Error 13969
Yes No
2005-06-16 12:00:00 2009-07-12 04:06:00
Discovery is credited to Jakob Balle, Secunia Research.

- 受影响的程序版本

S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
Opera Software Opera Web Browser 8.0
Opera Software Opera Web Browser 8.0 1

- 不受影响的程序版本

Opera Software Opera Web Browser 8.0 1

- 漏洞讨论

Opera Web Browser is affected by a cross-site scripting vulnerability that can be leveraged to disclose local files as well.

Attackers may steal cookie-based authentication credentials, disclose local files in the context of the browser and carry out other attacks.

Opera Web Browser version 8.0 is prone to this issue.

- 漏洞利用

An exploit is not required.

- 解决方案

The vendor has released Opera 8.01 to address this issue.

SUSE has released security announcement SUSE-SA:2005:034 addressing this issue. Please see the referenced advisory for further information.


Opera Software Opera Web Browser 8.0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站