Description
Opera before 10.00, when a collapsed address bar is used, does not properly update the domain name from the previously visited site to the currently visited site, which might allow remote attackers to spoof URLs.
References (7)
Core 7
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/freebsd/1000/
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/930/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/solaris/1000/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/linux/1000/
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6460
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/windows/1000/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1000/
Scores
EPSS
0.0060
EPSS Percentile
69.7%
Details
Status
published
Products (25)
opera/opera_browser
7.0
opera/opera_browser
7.23
opera/opera_browser
7.53
opera/opera_browser
7.54
opera/opera_browser
7.60
opera/opera_browser
8.0
opera/opera_browser
8.01
opera/opera_browser
8.02
opera/opera_browser
8.50
opera/opera_browser
8.51
... and 15 more
Published
Sep 02, 2009
Tracked Since
Feb 18, 2026