CVE-2009-4071

Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:opera:opera_browser:*:beta_1:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.02:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.51:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.52:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.53:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:8.54:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.12:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.20:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.21:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.22:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.51:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.52:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:9.64:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:10:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:10.00:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:10.00:beta_3:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:10.01:*:*:*:*:*:*:*

History

21 Nov 2024, 01:08

Type Values Removed Values Added
References () http://osvdb.org/60527 - () http://osvdb.org/60527 -
References () http://secunia.com/advisories/37469 - () http://secunia.com/advisories/37469 -
References () http://www.opera.com/docs/changelogs/mac/1010/ - Patch () http://www.opera.com/docs/changelogs/mac/1010/ - Patch
References () http://www.opera.com/docs/changelogs/unix/1010/ - Patch () http://www.opera.com/docs/changelogs/unix/1010/ - Patch
References () http://www.opera.com/docs/changelogs/windows/1010/ - Patch () http://www.opera.com/docs/changelogs/windows/1010/ - Patch
References () http://www.opera.com/support/kb/view/941/ - Vendor Advisory () http://www.opera.com/support/kb/view/941/ - Vendor Advisory
References () http://www.securityfocus.com/bid/37089 - () http://www.securityfocus.com/bid/37089 -
References () http://www.vupen.com/english/advisories/2009/3297 - () http://www.vupen.com/english/advisories/2009/3297 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6385 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6385 -

Information

Published : 2009-11-24 17:30

Updated : 2024-11-21 01:08


NVD link : CVE-2009-4071

Mitre link : CVE-2009-4071

CVE.ORG link : CVE-2009-4071


JSON object : View

Products Affected

opera

  • opera_browser
CWE
CWE-16

Configuration