CVE-2012-3558

LOW

Description

Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers to conduct spoofing attacks via vectors involving navigation, reloads, and redirects.

References

http://www.opera.com/docs/changelogs/mac/1165/

http://www.opera.com/docs/changelogs/mac/1200/

http://www.opera.com/docs/changelogs/unix/1200/

http://www.opera.com/docs/changelogs/windows/1200/

http://www.opera.com/support/kb/view/1018/

Details

Source: MITRE

Published: 2012-06-14

Updated: 2012-06-15

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 2.6

Vector: (AV:N/AC:H/Au:N/C:N/I:P/A:N)

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW