CVE-2009-3049
First published: Wed Sep 02 2009(Updated: )
Opera before 10.00 does not properly display all characters in Internationalized Domain Names (IDN) in the address bar, which allows remote attackers to spoof URLs and conduct phishing attacks, related to Unicode and Punycode.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opera | =7.23 | |
| Opera | =9.02 | |
| Opera | =7.53 | |
| Opera | =8.50 | |
| Opera | =9.51 | |
| Opera | =8.53 | |
| Opera | =9.12 | |
| Opera | =8.0 | |
| Opera | =8.54 | |
| Opera | =8.02 | |
| Opera | =9.20 | |
| Opera | =9.21 | |
| Opera | =8.51 | |
| Opera | =9.64 | |
| Opera | =7.60 | |
| Opera | =7.54 | |
| Opera | =9.22 | |
| Opera | =9.01 | |
| Opera | =9.0 | |
| Opera | =9.10 | |
| Opera | <=10.00 | |
| Opera | =8.52 | |
| Opera | =8.01 | |
| Opera | =9.52 | |
| Opera | =7.0 | |
| Web Browser for Android | <=10.00 | |
| Web Browser for Android | =7.0 | |
| Web Browser for Android | =7.23 | |
| Web Browser for Android | =7.53 | |
| Web Browser for Android | =7.54 | |
| Web Browser for Android | =7.60 | |
| Web Browser for Android | =8.0 | |
| Web Browser for Android | =8.01 | |
| Web Browser for Android | =8.02 | |
| Web Browser for Android | =8.50 | |
| Web Browser for Android | =8.51 | |
| Web Browser for Android | =8.52 | |
| Web Browser for Android | =8.53 | |
| Web Browser for Android | =8.54 | |
| Web Browser for Android | =9.0 | |
| Web Browser for Android | =9.01 | |
| Web Browser for Android | =9.02 | |
| Web Browser for Android | =9.10 | |
| Web Browser for Android | =9.12 | |
| Web Browser for Android | =9.20 | |
| Web Browser for Android | =9.21 | |
| Web Browser for Android | =9.22 | |
| Web Browser for Android | =9.51 | |
| Web Browser for Android | =9.52 | |
| Web Browser for Android | =9.64 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.opera.com/docs/changelogs/freebsd/1000/
- http://www.opera.com/docs/changelogs/linux/1000/
- http://www.opera.com/docs/changelogs/mac/1000/
- http://www.opera.com/docs/changelogs/solaris/1000/
- http://www.opera.com/docs/changelogs/windows/1000/
- http://www.opera.com/support/kb/view/932/
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6235
Frequently Asked Questions
What is the severity of CVE-2009-3049?
CVE-2009-3049 has a medium severity rating due to the potential for phishing attacks.
How do I fix CVE-2009-3049?
To fix CVE-2009-3049, update the Opera browser to version 10.00 or later.
What versions of Opera are affected by CVE-2009-3049?
CVE-2009-3049 affects various Opera browser versions prior to 10.00, including 7.0 to 9.64.
What type of attack can be executed using CVE-2009-3049?
CVE-2009-3049 can be exploited to conduct URL spoofing and phishing attacks.
What is the primary issue described in CVE-2009-3049?
CVE-2009-3049 primarily involves improper display of Internationalized Domain Names in the address bar.
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- collector/nvd-historical
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/opera
- canonical/opera
- version/opera/7.23
- version/opera/9.02
- version/opera/7.53
- version/opera/8.50
- version/opera/9.51
- version/opera/8.53
- version/opera/9.12
- version/opera/8.0
- version/opera/8.54
- version/opera/8.02
- version/opera/9.20
- version/opera/9.21
- version/opera/8.51
- version/opera/9.64
- version/opera/7.60
- version/opera/7.54
- version/opera/9.22
- version/opera/9.01
- version/opera/9.0
- version/opera/9.10
- version/opera/10.00
- version/opera/8.52
- version/opera/8.01
- version/opera/9.52
- version/opera/7.0
- canonical/web browser for android
- version/web browser for android/10.00
- version/web browser for android/7.0
- version/web browser for android/7.23
- version/web browser for android/7.53
- version/web browser for android/7.54
- version/web browser for android/7.60
- version/web browser for android/8.0
- version/web browser for android/8.01
- version/web browser for android/8.02
- version/web browser for android/8.50
- version/web browser for android/8.51
- version/web browser for android/8.52
- version/web browser for android/8.53
- version/web browser for android/8.54
- version/web browser for android/9.0
- version/web browser for android/9.01
- version/web browser for android/9.02
- version/web browser for android/9.10
- version/web browser for android/9.12
- version/web browser for android/9.20
- version/web browser for android/9.21
- version/web browser for android/9.22
- version/web browser for android/9.51
- version/web browser for android/9.52
- version/web browser for android/9.64