Test ID:	1.3.6.1.4.1.25623.1.0.14244
Category:	Windows
Title:	Opera web browser address bar spoofing weakness
Summary:	The remote host is using Opera - an alternative web browser.;; This version of Opera is vulnerable to a security weakness; that may permit malicious web pages to spoof address bar information.;; This is reportedly possible through malicious use of the; JavaScript 'unOnload' event handler when the browser; is redirected to another page.;; This issue could be exploited to spoof the domain of a malicious web page,; potentially causing the victim user to trust the spoofed domain.
Description:	Summary: The remote host is using Opera - an alternative web browser. This version of Opera is vulnerable to a security weakness that may permit malicious web pages to spoof address bar information. This is reportedly possible through malicious use of the JavaScript 'unOnload' event handler when the browser is redirected to another page. This issue could be exploited to spoof the domain of a malicious web page, potentially causing the victim user to trust the spoofed domain. Solution: Install Opera 7.50 or newer. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2260 BugTraq ID: 10337 http://www.securityfocus.com/bid/10337 http://secunia.com/secunia_research/2004-2/advisory/ http://www.osvdb.org/6108 http://secunia.com/advisories/11532 XForce ISS Database: opera-onunload-url-spoofing(16131) https://exchange.xforce.ibmcloud.com/vulnerabilities/16131
Copyright	Copyright (C) 2004 David Maciejak

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.