CVE-2001-0898

Opera <6.0 - Info Disclosure

Title source: llm

Description

Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Georgi Guninski · textremotewindows

https://www.exploit-db.com/exploits/21156

View Code ZIP pw:eip

References (4)

Core 4

Core References

Third Party Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/7567.php

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=100588139312696&w=2

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=100586079932284&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/3553

Scores

EPSS 0.0696

EPSS Percentile 91.5%

Details

Status published

Products (1)

opera_software/opera_web_browser < 6.0

Published Nov 15, 2001

Tracked Since Feb 18, 2026