CVE-2006-3331 — Browser vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.9%

top 16.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedJun 30

Latest updateMay 1

Description

Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDopera/opera_browser< 9.0

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-6x76-3m56-7fw4: Opera before 9↗2022-05-01

▶

CVEList

CVE-2006-3331: Opera before 9↗2006-06-30

▶