CVE-2011-4690

EUVD-2011-4608
Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
operaopera_browser
𝑥
≤ 11.60
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lcamtuf.coredump.cx/cachetime/
http://secunia.com/advisories/47128
http://lcamtuf.coredump.cx/cachetime/
http://secunia.com/advisories/47128