CVE-2012-3560
Opera < 11.65 - Address Bar Spoofing via Blocked Navigation Detection
Title source: llmDescription
Opera before 11.65 does not ensure that the address field corresponds to the displayed web page during blocked navigation, which makes it easier for remote attackers to conduct spoofing attacks by detecting and preventing attempts to load a different web page.
References (6)
Core 6
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/unix/1200/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1165/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1200/
Various Sources x_refsource_misc
http://blog.vulnhunt.com/index.php/2012/06/14/cal-2012-0015-opera-website-spoof/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/windows/1200/
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/1022/
Scores
EPSS
0.0048
EPSS Percentile
65.3%
Details
CWE
CWE-264
Status
published
Products (29)
opera/opera_browser
5.0 (8 CPE variants)
opera/opera_browser
5.02
opera/opera_browser
5.10
opera/opera_browser
5.11
opera/opera_browser
5.12
opera/opera_browser
6.0 (7 CPE variants)
opera/opera_browser
6.1 (2 CPE variants)
opera/opera_browser
6.01
opera/opera_browser
6.02
opera/opera_browser
6.03
... and 19 more
Published
Jun 14, 2012
Tracked Since
Feb 18, 2026