CVE-2012-3558
Opera < 11.65 - URL Spoofing via Address Field Manipulation
Title source: llmDescription
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during unusually timed changes to this field, which makes it easier for user-assisted remote attackers to conduct spoofing attacks via vectors involving navigation, reloads, and redirects.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1165/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1200/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/unix/1200/
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/1018/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/windows/1200/
Scores
EPSS
0.0034
EPSS Percentile
56.7%
Details
CWE
CWE-264
Status
published
Products (29)
opera/opera_browser
5.0 (8 CPE variants)
opera/opera_browser
5.02
opera/opera_browser
5.10
opera/opera_browser
5.11
opera/opera_browser
5.12
opera/opera_browser
6.0 (7 CPE variants)
opera/opera_browser
6.1 (2 CPE variants)
opera/opera_browser
6.01
opera/opera_browser
6.02
opera/opera_browser
6.03
... and 19 more
Published
Jun 14, 2012
Tracked Since
Feb 18, 2026