Skip to content
High Published: Jan 10, 2005 Modified: Apr 03, 2025

CVE-2004-1157

7.5 CVSS Score High
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Export CVE-2004-1157 Data:
Share:
Link copied!

Description

Opera 7.x up to 7.54, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality P
Integrity P
Availability P

Affected Software Configurations

  • a opera opera_browser * * * * * * * *

Weaknesses (CWE)

  • CWE-74

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2004-2570 CVSS 0 Same weakness: CWE-74 CVE-2005-3007 CVSS 0 Same weakness: CWE-74 CVE-2005-3750 CVSS 0 Same weakness: CWE-74 CVE-2007-4190 CVSS 0 Same weakness: CWE-74 CVE-2008-0456 CVSS 0 Same weakness: CWE-74

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis
Feb 28, 2022 18:38 Reanalysis
May 14, 2024 01:26 CVE Modified
Nov 20, 2024 23:50 CVE Modified
← Back to CVE Tracker