PT-2012-3658 · Opera+1 · Opera+1

Publicado

2012-03-27

·

Atualizado

2018-01-06

·

CVE-2012-1926

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Opera versions prior to 11.62
Description The issue allows remote attackers to bypass the Same Origin Policy via the history.pushState and history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information.
Recommendations For Opera versions prior to 11.62, update to version 11.62 or later to resolve the issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2012-1926

Produtos afetados

Opera
Suse