SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Your Ad Here
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Web Browser)  >  Opera Vendors:  Opera Software
Opera May Display the SSL Certificate of a Trusted Site While Visiting an Untrusted Site
SecurityTracker Alert ID:  1016406
SecurityTracker URL:  http://securitytracker.com/id?1016406
CVE Reference:  CVE-2006-3331   (Links to External Site)
Updated:  Aug 12 2008
Original Entry Date:  Jun 29 2006
Impact:  Modification of system information
Fix Available:  Yes   Vendor Confirmed:  Yes  
Advisory:  Secunia Research
Version(s): 8.54, possibly prior versions
Description:  A vulnerability was reported in Opera. A remote user may be able to cause the SSL certificate from a trusted site to be displayed for an untrusted site.

The browser does not reset the SSL security bar after displaying a download dialog from a SSL-enabled web site. As a result, a remote user can cause Opera to display the yellow SSL security bar from a trusted web site while the target user is visiting an untrusted web site.

The vendor was notified on March 31, 2006.

Jakob Balle of Secunia Research discovered this vulnerability.
Impact:  A remote user may be able to cause the SSL certificate from a trusted site to be displayed while the target user is visiting an untrusted site.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.opera.com/ (Links to External Site)
Cause:  State error
Underlying OS:  Windows (Any)
Reported By:  Secunia Research <remove-vuln@secunia.com>
Message History:   None.

 Source Message Contents
Date:  Wed, 28 Jun 2006 10:08:30 +0200
From:  Secunia Research <remove-vuln@secunia.com>
Subject:  Secunia Research: Opera SSL Certificate 

 
======================================================================

                     Secunia Research 28/06/2006

            - Opera SSL Certificate "Stealing" Weakness -

======================================================================
Table of Contents

Affected Software....................................................1
Severity.............................................................2
Description of Vulnerabilities.......................................3
Solution.............................................................4
Time Table...........................................................5
Credits..............................................................6
References...........................................................7
About Secunia........................................................8
Verification.........................................................9

======================================================================
1) Affected Software

Opera 8.54

Prior versions may also be affected.

======================================================================
2) Severity

Rating: Not critical
Impact: Spoofing
Where:  From remote

======================================================================
3) Description of Vulnerabilities

Secunia Research has discovered a weakness in Opera, which can be
exploited to display the SSL certificate from a trusted site on an
untrusted site.

The weakness is caused due to Opera not resetting the SSL security
bar after displaying a download dialog from a SSL enabled web site.
This allows an untrusted web site to display yellow SSL security bar
from a trusted web site.

NOTE: A more convincing exploit can be done using pop-up windows,
which do not have a visible address bar.

======================================================================
4) Solution

Upgrade to version 9.0.

======================================================================
5) Time Table

31/03/2006 - Initial vendor notification.
28/06/2006 - Public disclosure.

======================================================================
6) Credits

Discovered by Jakob Balle, Secunia Research.

======================================================================
7) References

No references available.

======================================================================
8) About Secunia

Secunia collects, validates, assesses, and writes advisories regarding
all the latest software vulnerabilities disclosed to the public. These
advisories are gathered in a publicly available database at the
Secunia website:

http://secunia.com/

Secunia offers services to our customers enabling them to receive all
relevant vulnerability information to their specific system
configuration.

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/secunia_security_advisories/

======================================================================
9) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2006-49/advisory/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

======================================================================


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC