Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-10-08T23:00:00
Updated: 2024-08-07T15:24:42.451Z
Reserved: 2007-10-08T00:00:00
Link: CVE-2007-5276
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2007-10-08T23:17:00.000
Modified: 2022-03-01T14:56:15.323
Link: CVE-2007-5276
Redhat
No data.