VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Apr 15, 2004· Updated Apr 16, 2026

CVE-2003-0593

CVE-2003-0593

Description

Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

Affected products

25
  • Opera/Opera Browser25 versions
    cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*+ 24 more
    • cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.