CVE-2004-1157 in Web Browserinfo

Summary

Opera 7.x up to 7.54, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/08/2004

Disclosure

01/10/2005

Moderation

VulDB entry created

Entries

VDB-23719 (1)

CPE

ready

CWE

CWE-290 (Confirmed)

CVSS

7.3

EPSS

0.00673

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-1157
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-1157
CVE Details	https://www.cvedetails.com/cve/CVE-2004-1157/

◂ Previous Overview Next ▸