Opera FTP视图跨站脚本漏洞

漏洞信息详情

Opera FTP视图跨站脚本漏洞

CNNVD编号：CNNVD-200212-518
危害等级：中危-->
危害等级：中危
CVE编号： CVE-2002-2358
漏洞类型：跨站脚本
发布时间： 2002-12-31
威胁类型：远程
更新时间： 2002-12-31
厂商： opera_software
漏洞来源： .');">Discovered by Eiji...

漏洞简介

Opera 6.0版本以及6.01版本到6.04版本的FTP视图功能存在跨站脚本(XSS)漏洞。远程攻击者可以借助FTP URL的标题标签注入任意web脚本或HTML。

漏洞公告

This vulnerability is eliminated in Opera Web Browser 6.0.5 Win32. Opera Software Opera Web Browser 6.0 win32

Opera Software Opera Web Browser 6.0.5 Win32 http://www.opera.com/download/get.pl?platform=win&force=6.05

Opera Software Opera Web Browser 6.0.1 win32

Opera Software Opera Web Browser 6.0.5 Win32 http://www.opera.com/download/get.pl?platform=win&force=6.05

Opera Software Opera Web Browser 6.0.2 win32

Opera Software Opera Web Browser 6.0.5 Win32 http://www.opera.com/download/get.pl?platform=win&force=6.05

Opera Software Opera Web Browser 6.0.3 win32

Opera Software Opera Web Browser 6.0.5 Win32 http://www.opera.com/download/get.pl?platform=win&force=6.05

Opera Software Opera Web Browser 6.0.4 win32

Opera Software Opera Web Browser 6.0.5 Win32 http://www.opera.com/download/get.pl?platform=win&force=6.05

参考网址

来源: BID 名称: 5401 链接:http://www.securityfocus.com/bid/5401 来源: www.opera.com 链接:http://www.opera.com/windows/changelogs/605/?session=b2a9ea38c710788c23970ba2c9a34d47 来源: XF 名称: multiple-ftp-view-xss(9757) 链接:http://www.iss.net/security_center/static/9757.php 来源: VULNWATCH 名称: 20020806 Opera FTP View Cross-Site Scripting Vulnerability 链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0061.html

受影响实体

Opera_software Opera_web_browser:6.0
Opera_software Opera_web_browser:6.0.1
Opera_software Opera_web_browser:6.0.1:Linux
Opera_software Opera_web_browser:6.0.1:Win32
Opera_software Opera_web_browser:6.0.2:Win32

补丁

暂无

正文

Opera FTP视图跨站脚本漏洞

漏洞信息详情