Vulnerability Description
Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scripting (XSS) attacks, and possibly execute arbitrary code by leveraging the ability of a script to interact with a web page from (1) a different domain or (2) a different security context.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opera | Opera Browser | <= 10.62 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/41740Vendor Advisory
- http://securitytracker.com/id?1024570
- http://www.opera.com/docs/changelogs/mac/1063/
- http://www.opera.com/docs/changelogs/unix/1063/
- http://www.opera.com/docs/changelogs/windows/1063/
- http://www.opera.com/support/kb/view/973/Vendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://secunia.com/advisories/41740Vendor Advisory
- http://securitytracker.com/id?1024570
- http://www.opera.com/docs/changelogs/mac/1063/
- http://www.opera.com/docs/changelogs/unix/1063/
- http://www.opera.com/docs/changelogs/windows/1063/
- http://www.opera.com/support/kb/view/973/Vendor Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2010-4045?
CVE-2010-4045 is a vulnerability with a CVSS score of 9.3 (HIGH). Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site script...
How severe is CVE-2010-4045?
CVE-2010-4045 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4045?
Check the references section above for vendor advisories and patch information. Affected products include: Opera Opera Browser.