CVE-2012-3558

medium

Description

Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers to conduct spoofing attacks via vectors involving navigation, reloads, and redirects.

References

http://www.opera.com/support/kb/view/1018/

http://www.opera.com/docs/changelogs/windows/1200/

http://www.opera.com/docs/changelogs/unix/1200/

http://www.opera.com/docs/changelogs/mac/1200/

http://www.opera.com/docs/changelogs/mac/1165/

Details

Source: Mitre, NVD

Published: 2012-06-14

Updated: 2012-06-15

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Severity: Medium