Opera自动重定向跨站脚本漏洞

漏洞信息详情

Opera自动重定向跨站脚本漏洞

• CNNVD编号：CNNVD-200312-072
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2003-1420
  
• 漏洞类型：
  
  
  跨站脚本
  
• 发布时间：
  
  2003-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2003-12-31
  
• 厂        商：
  
  opera_software
• 漏洞来源：
  Discovery of this …

关闭自动重定向的Opera 6.0到7.0版本存在跨站脚本（XSS）漏洞。远程攻击者借助HTTP Location头注入任意web脚本或者HTML。

The vendor has released upgrades to address this issue.
The vendor has released Opera 8.01 to address this issue in Opera 8.0.
Fixes available:
Opera Software Opera Web Browser 6.0 win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 6.0.1 win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 6.0.2 win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 6.0.3 win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 6.0.4 win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 6.0.5 win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 7.0 1win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 7.0 win32

• Opera Software Opera Web Browser 7.02 Win32
  
  http://www.opera.com/download/index.dml?opsys=Windows&lng=en&platform=
  Windows

Opera Software Opera Web Browser 8.0

• Opera Software Opera 8.01
  
  http://www.opera.com/download/

来源: BID
名称: 6962
链接:http://www.securityfocus.com/bid/6962

来源: XF
名称: opera-automatic-redirection-xss(11423)
链接:http://xforce.iss.net/xforce/xfdb/11423

来源: BUGTRAQ
名称: 20030226 Secunia Research: Opera browser Cross Site Scripting
链接:http://www.securityfocus.com/archive/1/313216