Cross-Browser Issue CVE-2019-11695: Custom cursor can render over user interface outside of web content
[CVE-2017-5041] Google Chrome Location Bar URL & SSL Spoofing in Omnibox
[Opera Security Advisory DNA-19280] Address bar spoofing with Data URIs
[CVE-2011-2845] URL bar spoof in history handling (URL & SSL indicator Spoofing)
Advisory: Address bar spoofing with Data URIs
UPDATE Link: http://www.opera.com/blogs/security/2014/05/security-changes-opera-21/
Announced: May 6, 2014
Reporter: Security researcher Jordi Chancel
Impact: Low
Products: Opera
Fixed in: Opera 21
Description
When a user chooses to open a link in a new tab, this should still display the address as normal. However, with Data URIs, Opera would accidentally right-align the address field, showing the wrong end of the address. Again, this could allow a specially crafted URL to show what appeared to be a domain name, but which was actually path data. As with the previous bug, it would be missing the domain highlight, but may be enough to fool some users.
Opera’s Response
Opera Software has released Opera 21, where this issue has been fixed.
Credits
Reported by Jordi Chancel.
- Vidéo de démonstration :
-Security Researcher Jordi Chancel