CVE-2011-4690

Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.

Published: Dec 7, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-4690
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
opera / opera_browser	-	11.60.x

http://lcamtuf.coredump.cx/cachetime/
http://secunia.com/advisories/47128

Vulnerability Database

289,697

CVE-2011-4690