Published: 31/12/2004 Updated: 28/02/2022

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote malicious users to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opera opera browser

source: wwwsecurityfocuscom/bid/10810/info Opera Web Browser is prone to a security weakness that may permit malicious web pages to spoof address bar information This issue is due to a race condition error This issue may be leveraged by an attacker to display false information in the address bar of an unsuspecting user, allowing an att ...

CWE-362 http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html http://www.opera.com/windows/changelogs/754/http://www.securityfocus.com/bid/10810 http://www.osvdb.org/8317 http://secunia.com/advisories/12162 https://exchange.xforce.ibmcloud.com/vulnerabilities/16816 https://nvd.nist.gov https://www.exploit-db.com/exploits/24325/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-2491

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect