PT-2005-2646 · Opera · Opera
Published: 2005-06-16 · Updated: 2022-02-28 · CVE-2005-1669
CVSS v2.0: 6.8 (Medium)
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Opera version 8.0 Final Build 1095
Description
The issue allows remote attackers to inject arbitrary web script or HTML via javascript: URLs when a new window or frame is opened. This enables attackers to bypass access restrictions and perform unauthorized actions on other domains. The problem exists because the application does not restrict the privileges of javascript: URLs when opened in new windows or frames, which could allow a user to create specially crafted HTML that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity or confidentiality.
Recommendations
For Opera version 8.0 Final Build 1095, consider disabling the execution of javascript: URLs in new windows or frames as a temporary workaround until a patch is available. Restrict access to sensitive domains and resources to minimize the risk of exploitation.
Fix
XSS
Weakness Enumeration
Related Identifiers
Affected Products
Opera