homepage Welcome to WebmasterWorld Guest from 54.205.106.111
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Browsers / Opera Browser Usage and Support
Forum Library, Charter, Moderator: open

Opera Browser Usage and Support Forum

    
Opera "phishing" vulnerability in 7.51
RammsteinNicCage




msg:1585924
 5:43 pm on Jun 28, 2004 (gmt 0)

... a remote user can create HTML that, when loaded by the target user, will set the URL in the status bar to an arbitrary URL.

The HTML includes an IFrame within a cascading style sheet definition and a zero second HTML Refresh statement containing a javascript command. The source URL of the iframe will be listed in the address bar.

This exploit can be used in "phishing" attacks.

[securitytracker.com...]

I believe this was the same thing that was happening on IE, right?

Jennifer

 

BlobFisk




msg:1585925
 8:00 am on Jun 29, 2004 (gmt 0)

Nice catch Jennifer! Anything from Opera themselves on this yet?

RammsteinNicCage




msg:1585926
 3:40 pm on Jun 29, 2004 (gmt 0)

I was looking through their forums and haven't seen a response from one of the Opera people and a fix hasn't been issued yet. This was apparently found around June 22nd.

Jennifer

bryholmsen




msg:1585927
 8:56 pm on Jun 30, 2004 (gmt 0)

This isn't the same as MSIE, and it's apparently rather difficult to actually exploit. To exploit it you'll have to get the victim to your site first apparently, and then use the trick. It's just a low risk vulnerability, in other words.

At least from what I can gather.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Browsers / Opera Browser Usage and Support
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved