CVE-2009-2068
15.06.2009, 19:30
Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."Enginsight
| Vendor | Product | Version |
|---|---|---|
| opera | opera | 5..10 |
| opera | opera | 5.0 |
| opera | opera | 5.0:beta_2 |
| opera | opera | 5.0:beta_3 |
| opera | opera | 5.0:beta_4 |
| opera | opera | 5.0:beta_5 |
| opera | opera | 5.0:beta_6 |
| opera | opera | 5.0:beta_7 |
| opera | opera | 5.0:beta_8 |
| opera | opera | 5.1 |
| opera | opera | 5.02 |
| opera | opera | 5.2 |
| opera | opera | 5.3 |
| opera | opera | 5.4 |
| opera | opera | 5.5 |
| opera | opera | 5.6 |
| opera | opera | 5.7 |
| opera | opera | 5.8 |
| opera | opera | 5.9 |
| opera | opera | 5.10 |
| opera | opera | 5.11 |
| opera | opera | 5.12 |
| opera | opera | 6.0 |
| opera | opera | 6.0:beta_1 |
| opera | opera | 6.0:beta_2 |
| opera | opera | 6.0:beta_3 |
| opera | opera | 6.1 |
| opera | opera | 6.01 |
| opera | opera | 6.02 |
| opera | opera | 6.03 |
| opera | opera | 6.04 |
| opera | opera | 6.05 |
| opera | opera | 6.06 |
| opera | opera | 6.11 |
| opera | opera | 6.12 |
| opera | opera | 7.0 |
| opera | opera | 7.0:beta_1 |
| opera | opera | 7.0:beta_1v2 |
| opera | opera | 7.0:beta_2 |
| opera | opera | 7.01 |
| opera | opera | 7.02 |
| opera | opera | 7.03 |
| opera | opera | 7.10 |
| opera | opera | 7.11 |
| opera | opera | 7.20 |
| opera | opera | 7.20:beta7 |
| opera | opera | 7.21 |
| opera | opera | 7.22 |
| opera | opera | 7.23 |
| opera | opera | 7.30 |
| opera | opera | 7.50 |
| opera | opera | 7.50:beta_1 |
| opera | opera | 7.51 |
| opera | opera | 7.52 |
| opera | opera | 7.54 |
| opera | opera | 7.54:update_1 |
| opera | opera | 7.55 |
| opera | opera | 8.0 |
| opera | opera | 8.0:beta_1 |
| opera | opera | 8.0:beta_2 |
| opera | opera | 8.01 |
| opera | opera | 8.02 |
| opera | opera | 8.51 |
| opera | opera | 8.52 |
| opera | opera | 8.53 |
| opera | opera | 8.54 |
| opera | opera | 9.0:beta_1 |
| opera | opera | 9.01 |
| opera | opera | 9.02 |
| opera | opera | 9.10 |
| opera | opera | 9.20 |
| opera | opera | 9.21 |
| opera | opera | 9.23 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References