Re: [CAL-2012-0015] opera website spoof

From: Code Audit Labs <vulnhunt@gmail.com>
To: full-disclosure@lists.grok.org.uk,bugtraq@securityfocus.com
Cc:
Subject: Re: [CAL-2012-0015] opera website spoof
Date:


thank cve assign a cve id: CVE-2012-3560 to this.

 2012/6/14 18:48, Code Audit Labs д:
>      CAL-2012-0015 opera website spoof
> 
> 
> CVE ID: Opera did not assign ,please cve@mitre.org assign
> CAL ID: CAL-2012-0015
> ref:
> http://blog.vulnhunt.com/index.php/2012/06/14/cal-2012-0015-opera-website-spoof/
> 
> 
> 1 Affected Products
> =================
> 11.61 and prior
> 
> 
> 2 Vulnerability Details
> =====================
> 
> Code Audit Labs http://www.vulnhunt.com has discovered a website
> spoof vulnerability in Opera .When a user types a new URL for the
> browser to load, the currently active page may detect when the
> new page is about to load and prevent the navigation, while still
> leaving the new URL displayed in the address bar. This can then be
> used to spoof the URL of the target page. The malicious page would
> need to employ social engineering tactics in order to guess what
> page the user is likely to try to load next, as it cannot see what
>  URL the user has typed.
> 
> 
> 3: how to fixed
> ==========
> Opera Software has released Opera 12 and Opera 11.65,
> where this issue has been fixed.
> http://www.opera.com/support/kb/view/1022/
> 
> 
> 4 About Code Audit Labs:
> =====================
> Code Audit Labs secure your software,provide Professional include source
> code audit and binary code audit service.
> Code Audit Labs: You create value for customer,We protect your value
> 
> http://www.VulnHunt.com
> http://blog.Vulnhunt.com
> http://t.qq.com/vulnhunt
> http://weibo.com/vulnhunt
> https://twitter.com/vulnhunt
> 






Copyright © 1995-2018 LinuxRocket.net. All rights reserved.