CVE-2011-4690
Opera < 11.60 - Cache Timing Information Disclosure via IFRAME Same Origin Policy Violation
Title source: llmDescription
Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
References (2)
Core 2
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/47128
Exploit x_refsource_misc
http://lcamtuf.coredump.cx/cachetime/
Scores
EPSS
0.0023
EPSS Percentile
45.7%
Details
CWE
CWE-264
Status
published
Products (1)
opera/opera_browser
< 11.60
Published
Dec 07, 2011
Tracked Since
Feb 18, 2026