CVE-2011-3388

MEDIUM

Description

Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site, instead of the insecure site.

References

http://osvdb.org/74828

http://secunia.com/advisories/45791

http://www.opera.com/docs/changelogs/mac/1151/

http://www.opera.com/docs/changelogs/unix/1151/

http://www.opera.com/docs/changelogs/windows/1151/

http://www.opera.com/support/kb/view/1000/

http://www.securityfocus.com/bid/49388

http://www.securitytracker.com/id?1025997

https://exchange.xforce.ibmcloud.com/vulnerabilities/69515

Details

Source: MITRE

Published: 2011-09-06

Updated: 2017-08-29

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.54:update1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.54:update2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.0:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.0:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.0:beta3:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.02:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.51:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.52:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.53:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:8.54:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.0:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.0:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.12:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.20:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.20:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.21:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.22:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.23:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.24:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.25:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.26:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.27:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.50:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.50:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.50:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.51:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.52:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.60:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.60:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.61:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.62:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.63:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:9.64:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.00:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.00:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.00:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.00:beta3:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.01:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.10:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.10:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.50:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.50:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.50:beta2:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.51:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.52:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.53:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.53:b:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.54:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.60:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.60:beta1:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.61:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.62:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:10.63:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:11.00:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:11.00:alpha:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:11.00:beta:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:11.01:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:11.10:alpha:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:11.10:beta:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:* versions up to 11.50 (inclusive)

cpe:2.3:a:opera:opera_browser:11.50:alpha:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:11.50:beta:*:*:*:*:*:*

Tenable Plugins

View all (6 total)

IDNameProductFamilySeverity
75984openSUSE Security Update : opera (openSUSE-SU-2011:1025-1) (BEAST)NessusSuSE Local Security Checks
medium
75697openSUSE Security Update : opera (openSUSE-SU-2011:1025-1) (BEAST)NessusSuSE Local Security Checks
medium
59631GLSA-201206-03 : Opera: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
56042Opera < 11.51 Multiple Vulnerabilities (BEAST)NessusWindows
medium
800858Opera < 11.51 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
6019Opera < 11.51 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high