homepage Welcome to WebmasterWorld Guest from 54.145.238.55
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Browsers / Opera Browser Usage and Support
Forum Library, Charter, Moderator: open

Opera Browser Usage and Support Forum

    
Opera "phishing" vulnerability in 7.51
RammsteinNicCage

10+ Year Member



 
Msg#: 44 posted 5:43 pm on Jun 28, 2004 (gmt 0)

... a remote user can create HTML that, when loaded by the target user, will set the URL in the status bar to an arbitrary URL.

The HTML includes an IFrame within a cascading style sheet definition and a zero second HTML Refresh statement containing a javascript command. The source URL of the iframe will be listed in the address bar.

This exploit can be used in "phishing" attacks.

[securitytracker.com...]

I believe this was the same thing that was happening on IE, right?

Jennifer

 

BlobFisk

WebmasterWorld Senior Member blobfisk us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 44 posted 8:00 am on Jun 29, 2004 (gmt 0)

Nice catch Jennifer! Anything from Opera themselves on this yet?

RammsteinNicCage

10+ Year Member



 
Msg#: 44 posted 3:40 pm on Jun 29, 2004 (gmt 0)

I was looking through their forums and haven't seen a response from one of the Opera people and a fix hasn't been issued yet. This was apparently found around June 22nd.

Jennifer

bryholmsen

10+ Year Member



 
Msg#: 44 posted 8:56 pm on Jun 30, 2004 (gmt 0)

This isn't the same as MSIE, and it's apparently rather difficult to actually exploit. To exploit it you'll have to get the victim to your site first apparently, and then use the trick. It's just a low risk vulnerability, in other words.

At least from what I can gather.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Browsers / Opera Browser Usage and Support
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved