CVE-2007-5276

Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://crypto.stanford.edu/dns/dns-rebinding.pdf	Technical Description Third Party Advisory
http://osvdb.org/45526	Broken Link
http://crypto.stanford.edu/dns/dns-rebinding.pdf	Technical Description Third Party Advisory
http://osvdb.org/45526	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:37

Type	Values Removed	Values Added
References	~~() http://crypto.stanford.edu/dns/dns-rebinding.pdf - Technical Description, Third Party Advisory~~	() http://crypto.stanford.edu/dns/dns-rebinding.pdf - Technical Description, Third Party Advisory
References	~~() http://osvdb.org/45526 - Broken Link~~	() http://osvdb.org/45526 - Broken Link

Information

Published : 2007-10-08 23:17

Updated : 2024-11-21 00:37

NVD link : CVE-2007-5276

Mitre link : CVE-2007-5276

CVE.ORG link : CVE-2007-5276

JSON object : View

Products Affected

opera

opera_browser

CWE

NVD-CWE-noinfo

{"id": "CVE-2007-5276", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-08T23:17:00.000", "references": [{"url": "http://crypto.stanford.edu/dns/dns-rebinding.pdf", "tags": ["Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://osvdb.org/45526", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://crypto.stanford.edu/dns/dns-rebinding.pdf", "tags": ["Technical Description", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/45526", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80."}, {"lang": "es", "value": "Opera 9 descarta asignaciones DNS fijas bas\u00e1ndose en conexiones fallidas a puertos TCP irrelevantes, lo cual facilita a atacantes remotos llevar a cabo ataques de revinculaci\u00f3n DNS, como se ha demostrado mediante un URL con puerto 81 en un SRC de IMG, cuando la asignaci\u00f3n DNS ha sido establecida para una sesi\u00f3n en el puerto 80."}], "lastModified": "2024-11-21T00:37:33.090", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEA17D3F-A17B-47A6-8066-583F63D11468"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}