cve-2004-2491
Vulnerability from cvelistv5
Published
2005-10-25 04:00
Modified
2024-08-08 01:29
Severity ?
Summary
A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.htmlBroken Link, Exploit
cve@mitre.orghttp://secunia.com/advisories/12162Broken Link, Patch
cve@mitre.orghttp://www.opera.com/windows/changelogs/754/Broken Link, Patch
cve@mitre.orghttp://www.osvdb.org/8317Broken Link, Exploit
cve@mitre.orghttp://www.securityfocus.com/bid/10810Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16816Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.htmlBroken Link, Exploit
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/12162Broken Link, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.opera.com/windows/changelogs/754/Broken Link, Patch
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/8317Broken Link, Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10810Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16816Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:29:13.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "opera-addressbar-spoofing(16816)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16816"
          },
          {
            "name": "20040726 Opera 7.53 (Build 3850) Address Bar Spoofing Issue",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html"
          },
          {
            "name": "12162",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12162"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/windows/changelogs/754/"
          },
          {
            "name": "8317",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/8317"
          },
          {
            "name": "10810",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10810"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-07-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "opera-addressbar-spoofing(16816)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16816"
        },
        {
          "name": "20040726 Opera 7.53 (Build 3850) Address Bar Spoofing Issue",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html"
        },
        {
          "name": "12162",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12162"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/windows/changelogs/754/"
        },
        {
          "name": "8317",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/8317"
        },
        {
          "name": "10810",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10810"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2491",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "opera-addressbar-spoofing(16816)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16816"
            },
            {
              "name": "20040726 Opera 7.53 (Build 3850) Address Bar Spoofing Issue",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html"
            },
            {
              "name": "12162",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12162"
            },
            {
              "name": "http://www.opera.com/windows/changelogs/754/",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/windows/changelogs/754/"
            },
            {
              "name": "8317",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/8317"
            },
            {
              "name": "10810",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10810"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2491",
    "datePublished": "2005-10-25T04:00:00",
    "dateReserved": "2005-10-25T00:00:00",
    "dateUpdated": "2024-08-08T01:29:13.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.53\", \"matchCriteriaId\": \"F90D6121-8ED4-45C3-B156-E48183FA1200\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.\"}]",
      "id": "CVE-2004-2491",
      "lastModified": "2024-11-20T23:53:29.203",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:N/I:P/A:N\", \"baseScore\": 2.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 4.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2004-12-31T05:00:00.000",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/12162\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Patch\"]}, {\"url\": \"http://www.opera.com/windows/changelogs/754/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Patch\"]}, {\"url\": \"http://www.osvdb.org/8317\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/10810\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Exploit\", \"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/16816\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://secunia.com/advisories/12162\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\"]}, {\"url\": \"http://www.opera.com/windows/changelogs/754/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\"]}, {\"url\": \"http://www.osvdb.org/8317\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/10810\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\", \"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/16816\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-362\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-2491\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-12-31T05:00:00.000\",\"lastModified\":\"2024-11-20T23:53:29.203\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:N/I:P/A:N\",\"baseScore\":2.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.53\",\"matchCriteriaId\":\"F90D6121-8ED4-45C3-B156-E48183FA1200\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/12162\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\"]},{\"url\":\"http://www.opera.com/windows/changelogs/754/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\"]},{\"url\":\"http://www.osvdb.org/8317\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/10810\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Exploit\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16816\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://secunia.com/advisories/12162\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\"]},{\"url\":\"http://www.opera.com/windows/changelogs/754/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\"]},{\"url\":\"http://www.osvdb.org/8317\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/10810\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.