Vigil@nce: Opera, vulnerabilities of the password manager
December 2008 by Vigil@nce
Several vulnerabilities or weaknesses of the password manager
could be used by an attacker to obtain the password of a site.
– Gravity: 2/4
– Consequences: data reading
– Provenance: internet server
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: unique source (2/5)
– Diffusion of the vulnerable configuration: medium (2/3)
– Number of vulnerabilities in this bulletin: 14
– Creation date: 16/12/2008
IMPACTED PRODUCTS
– Opera
DESCRIPTION
The password manager stores user’s passwords. It automatically
enters user’s password in forms. This feature has several
vulnerabilities or weaknesses.
The password of a second web site can overwrite the first
password. [grav:1/4]
The password is entered in a form belonging to another web site,
without displaying a warning. [grav:1/4]
The password is entered in a form with a different access path.
[grav:2/4]
The password of a second access path can overwrite the first
password. [grav:1/4]
The password of a second protocol can overwrite the first
password. [grav:1/4]
The password is entered in a form with a different protocol,
without displaying a warning. [grav:1/4]
The user can request the password by requesting a less secured
protocol. [grav:2/4]
The password is entered in a form, even if the "autocomplete"
feature is disabled. [grav:2/4]
The password is entered in a form with a different HTTP method,
such as "GET". [grav:1/4]
The password is entered in a form with a different HTTP method,
without displaying a warning. [grav:1/4]
Different paths can not have different passwords. [grav:1/4]
Different ports can not have different passwords. [grav:1/4]
Different protocols can not have different passwords. [grav:1/4]
The password associated to an account is changed without
requesting the user. [grav:1/4]
CHARACTERISTICS
– Identifiers: VIGILANCE-VUL-8334
– Url: http://vigilance.fr/vulnerability/8334