CVE-2002-2414

Name of the Vulnerable Software and Affected Versions Opera version 6.0.3

Description The issue occurs when Opera 6.0.3 is used with Squid 2.4 for HTTPS proxying and does not properly handle the acceptance of a non-global certificate authority (CA) certificate from a site, leading to a denial of service (crash) when establishing a subsequent HTTPS connection. This allows remote attackers to cause the crash.

Recommendations For Opera version 6.0.3, consider avoiding the use of non-global certificate authority (CA) certificates until a fix is available. As a temporary workaround, restrict the acceptance of certificates from unknown or untrusted sites to minimize the risk of exploitation.