Vulnerability Description
Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opera | Opera Browser | 9.10 |
References
- http://securityreason.com/securityalert/2488
- http://www.securityfocus.com/archive/1/464041/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33488
- http://securityreason.com/securityalert/2488
- http://www.securityfocus.com/archive/1/464041/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33488
FAQ
What is CVE-2007-1737?
CVE-2007-1737 is a vulnerability with a CVSS score of 7.5 (HIGH). Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.
How severe is CVE-2007-1737?
CVE-2007-1737 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1737?
Check the references section above for vendor advisories and patch information. Affected products include: Opera Opera Browser.